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DuPont's  John  Taylor 
wants  to  turn  his 
network  inside  out 
He  isn't  the  only  one 


thinking  about 
new  ways  to 
combat  internal 
and  external 
threats. 


A  year  of  selling  switches 
wins  Dell  fans,  skeptics 


■  BY  JENNIFER  MEARS 

Cisco,  3Com,  Nortel  and  .  .  . 

Dell? 

In  the  year  since  Dell  made  its 
foray  into  LAN  switching  with  a 
set  of  low-cost  workgroup 
switches,  its  name  has  popped 
up  increasingly  on  network 
equipment  buyers’  shopping 
lists.  While  the  world’s  No.  1  PC 


maker  declines  to  divulge  finan¬ 
cial  details  of  its  switching  busi¬ 
ness,  the  company  says  it  is  see¬ 
ing  steady  growth  quarter  over 
quarter  as  it  capitalizes  on  its 
established  customer  base  and 
rolls  out  products  geared  for  en¬ 
terprise  network  needs. 

“1  spent  a  lot  of  time  contem¬ 
plating  whether  I  wanted  to  go 
See  Dell,  page  61 
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IBM,  Microsoft 
shift  battle  lines 

■  BY  JOHN  FONTANA 

The  long-running  fight  for  e-mail  supremacy  be¬ 
tween  Lotus  Domino  and  Microsoft  Exchange  might 
be  winding  down, but  the  rival  vendors  are  rearming 
for  a  related  but  broader  battle  that  will  be  defined 
by  suites  of  collaborative  components  and  Web  ser¬ 
vices  platforms. 

The  two  will  butt  heads  in  the  next  10  days  as  Lotus 
Software  ships  Domino  6  this  week  and  Microsoft 
follows  with  details  of  the  next  version  of  Exchange 
—  code-named  Titanium  —  and  explains  its  long¬ 
term  road  map  at  its  annual  user  conference  begin¬ 
ning  Oct.  8. 

But  the  real  stakes  have  expanded  beyond 
Domino  and  Exchange  to  encompass  Microsoft’s 
.Net  platform  and  IBM’s  Java  2  Platform  Enterprise 
Edition  (J2EE)  strategy  around  its  WebSphere  prod¬ 
uct  line,  according  to  experts.  Both  vendors  have 


Neck  and  neck 

How  Lotus  and 
Microsoft  fare 
in  the  messaging 
market. 


Lotus 


Microsoft 


Seats  (in  millions) 
66  57  74 

Ha  ■  ■ 

2001 


Revenue  (in  millions) 
$810  $804 

$646 


SOURCE:  IDC 


made  no  secret  that  features  of  Domino  and  Ex¬ 
change,  such  as  calendaring  and  workflow,  will  be 
come  part  of  a  group  of  collaborative  components 

See  Battle,  page  14 


Siemens  raises  its  Volf* 

New  IP  telephony  products  expand  capacity,  extend  reach. 


Money  talks 

Siemens  has  stepped 
up  R&D  for  voice 
technologies. 

Percentage  of  R&D  devoted 
to  voice  research  (in  billions) 


36% 

Total: 

$5.7 


2000 


SOURCE  SIEMENS 


34% 

Total: 

$5.2 


1999 


38% 

Total: 

$6.6 


2001 


■  BY  PHIL  HOCHMUTH 

RESTON.VA.  —  Siemens  will  in 
the  next  few  weeks  unleash  a  bar¬ 
rage  of  IP  telephony  products 
and  applications  aimed  at  large- 
scale  enterprise  convergence 
deployments. 

Upgrades  for  Siemens’  HiPath 
5000  enterprise  softswitch  will 
double  the  capacity  of  the  IP 
PBX  to  2,000  lines,  the  company 
says.  And  it  will  be  possible  to 
use  smaller  HiPath  3000s  as  sur- 
vivable  switch  nodes  in  HiPath 
5000  networks.  Siemens  also  is 


unveiling  a  line  of  middleware 
designed  to  extend  voice  and 
Web-based  applications  to  mo¬ 
bile  users. 

While  Siemens  has  offered  Hi¬ 
Path  convergence  products  for 
two  years,  competitors  Avaya, 
Cisco,  Nortel  and  3Com  were  first 
to  scale  support  beyond  1,000  IP 
users,  observers  say 
And  though  the  German  com¬ 
pany  has  offered  converged 
messaging  applications,  it  had 
yet  to  bring  its  full  telephony 
features  and  technology  to  bear 
See  Siemens,  page  13 
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When  .NET  connected  software  helps  you  quickly  connect  islands  of  data  into  one  clear  picture  for  your  employees,  that’s 
one  degree  of  separation.  All  too  often,  data  critical  to  internal  decision-making  is  scattered  throughout  your  enterprise,  and  you  need  to 
collect  and  present  it  in  a  way  that  makes  sense— quickly.  Microsoft"  SQL  Server'"  2000  Enterprise  Edition  with  Analysis  Services  unifies  and 
analyzes  data  from  various  systems  using  Data  Mining  and  Data  Transformation  Services.  Analytics  built  into  Data  Analyzer  make  information 
available  immediately  to  the  employees  who  require  it,  in  a  way  that  makes  decision-making  easier  and  more  effective.  And  that’s  important, 
because  when  vital  decisions  are  put  off,  so  are  profits.  That’s  one  degree  of  separation.  That’s  business  intelligence  with  .NET.  Find  out  how 
.NET  connected  software  can  help  you  see  the  big  picture.  Go  to  microsoft.com/enterprise  Software  for  the  Agile  Business. 


CompUSA  used  Microsoft  SQL  Server  2000  with  Analysis  Services  and  Data  Transformation  Services 
to  extract  point-of-sale  data  from  228  stores,  150  applications,  and  numerous  databases,  and  then 
integrate  the  information  into  one  data  warehouse.  Now,  not  only  are  employees  able  to  get  a  clearer 

- N  picture  of  the  business  at  large,  but  the  quick  delivery  of  data  means  they 

Full  Desktop  Client  can  adjust  to  meet  opportunities  as  they  knock. 


Microsoft 


If  you  had  BrightStor  ARCserve  Backup,  you  wouldn't  need  this. 

Worried  that  your  current  backup  software  isn't  going  to  be  there  when  you  need  it  most?  It's  time  to  consider  BrightStor" 
ARCserve'  Backup,  the  industry  leader  in  backup  and  data  protection.  Right  now  is  the  best  time  to  make  your  decision  to  change 

with  the  BrightStor  ARCserve  Backup  Competitive  Replacement  Promotion.  For  as  little  as  $495, 
you  can  get  a  complete  suite  of  industry-leading  backup  and  restore  technology.  Or  choose  the 
$995  Deluxe  Package  including  the  Disaster  Recovery  Option,  Open  File  Protection,  Client 
Agents,  24  x  7  Technical  Support,  Upgrade  Protection  and  more  valued  at  up  to  $5,800.  Of 
course,  BrightStor  ARCserve  Backup  isn't  just  a  great  deal.  It's  also  a  great  product.  And  it's  part 
of  the  most  comprehensive  family  of  storage  management  solutions,  backed  by  the  company  that  protects  99%  of  the  Fortune  500.' 
Contact  us  today  to  experience  BrightStor  ARCserve  Backup.  And  get  the  peace  of  mind  you  just  can't  get  from  anywhere  else. 

ca.com/arcserve/replace  1-866-480-8903  Promo  Code  1029 


$495  $995 

Complete  Suite  Deluxe  Package 

BrightStor  ARCserve  Backup 
Competitive  Replacement  Promotion 


BrightStor  ARCserve  Backup 


Computer  Associates™ 


PnvrxTtKXKjl  orffer  is  valid  in  the  continental  U  S.  and  Canada  between  June  10,  2002  and  September  30,  2002  User  must  provide  proof  erf  preexisting  competitive  storage  software  to  purchase  promotional  competitive  replacement 
SKUs  The  above  amounts  are  in  U  S  dollars  CA  reserves  the  right  to  alter,  amend,  cancel  or  extend  this  promotion  at  any  time,  without  notice  All  decisions  by  CA  are  final  where  prohibited  by  low,  see  website  for  corrpfcie  details 

©  2002  Computer  Associates  Inter  national  Inc  (CA)  All  rights  reserved. 
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News 

■  8  Network  Appliance  to  tout  SAN/NAS  flexibility. 

■  8  Some  analysts  warn  bandwidth  prices  are  set  to  rise. 

■  10  Reaping  the  rewards  of  best  practices  in  systems  management. 

■  10  Cisco  combines  its  security  management  tools. 

■  15  Check  Point,  Symantec  to  shake  up  security  management. 

■  16  XCache  Technologies  set  to  offer  Web  acceleration  in 

an  appliance. 


Infrastructure 

■  17  Ascendent  pitches  PBX  busi¬ 
ness  continuity  product  to  govern¬ 
ment,  military  and  business. 

■  17  Nortel  looks  to  lock  down 
Web  servers  and  remote  offices. 

■  18  Web  Office  rolls  out  all-in-one 
small  office  box. 

■  18  Kevin  Tolly:  Always  on 
programs  pose  an  'always  on’ 
threat. 

Enterprise 

Applications 

■  21  Users  shoring  up  network 
security  with  security  information 
management. 

■  21  NetlQ  upgrades  security 
management  tools. 

■  22  Gartner:  Negotiate  CRM 
licensing  terms  carefully. 

■  24  Scott  Bradner:  What 
are  they  so  worried  about? 

Service  Providers 

■  27  Network  services  firm  Savvis 
attracts  funding  in  poor  market. 

■  27  BellSouth  getting  close  to 
having  long-distance  ducks  in  a  row. 

■  28  Johna  Till  Johnson: 

Here's  why  cable  companies  will  win. 

■  30  Special  Focus: 

Content-delivery  network  providers 
look  to  speed  Web  applications. 

The  Edge 

■  31  Comm  Works  plugs  along. 

■  31  Convergent  targets  cable 
operators. 


Technology  Update 

■  35  Multicast  fan-out  saves 
bandwidth. 

■  35  Steve  Blass:  Ask  Dr. 

Internet. 

■  36  Mark  Gibbs:  More 
weirdness. 

■  36  Keith  Shaw:  Connecting 
to  Sprint's  new  network. 

Opinions 

■  38  Editorial:  Shopping  for 
carrier  services  on  the  Web. 

■  39  Joel  Snyder:  Why  trade 
shows  still  matter. 

■  39  Frank  Dzubeck:  Reality 
strikes  the  grid. 

■  62  BackSpin:  What  should 
have  been  done  about  security. 

■  62  ’Net  Buzz:  Getting  a  grip 
on  grids. 


Management 

■  48  IT  pros  have  an  unusual  take 
on  getting  respect. 


Features 

P3P  stands  for  privacy  practices 

Find  out  what  this  new  Internet  privacy  standard  means 
for  your  Web  site. 

Page  41. 

The  new  security  battle  plan 

Putting  up  a  firewall  doesn't  cut  it  anymore.  You  need  a 
new  security  model  that  takes  into  account  internal 
hackers,  road  warriors,  remote  workers,  business  part¬ 
ners  and  e-commerce  customers. 

Page  43. 


JohnTaylor,  chief  technologist  at  DuPont, 
is  looking  into  a  different  approach  to 
security  by  putting  all  the  client  desktops 
on  the  Internet.  See  page  46. 
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Dave  Kearns  vs.  Mac  fans 

Mac  enthusiasts  are  steamed  after  a  recent  column  in  which  Kearns 
said  having  a  Mac  network  doesn't  mean  a  company  doesn't  need  IT. 

DocFinder:  2240 

Your  Microsoft  wish  list 

What  do  you  want  to  see  from  Redmond?  Participate  in  our  ongoing 
Vendor  Wish  List  series. 

DocFinder:  2241 

Networking  Encyclopedia 

Get  definitions  for  the  technologies,  hardware,  protocols,  standards  and 
more  behind  networking. 
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Top  ISP  Report 

Is  your  ISP  measuring  up?  Find  out  with  our  Top  ISP  Report,  a  joint  ven¬ 
ture  between  Network  World  and  eTesting  Labs'  Internet  BenchMark  ser¬ 
vice.  DocFinder  2236 

Seminars  and  Events 

Reduce  the  cost  of  your  WAN 

Get  instruction  on  the  latest  technologies,  services  and  strategies  that 
reduce  the  cost  and  increase  the  value  of  your  WAN  at  Network  World's 
free  event,  ''State  of  the  WAN:  Fine-tuning  your  Wide-Area  Infra¬ 
structure.  DocFinder:  2247 
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Why  the  BBC  uses  Linux 

Fusion  Executive  Editor  Adam  Gaffin  says  one  reason  the 
worldwide  media  giant  uses  the  operating  system  is  because 
the  support  is  so  good. 

DocFinder:  2443 

Help  Desk 

Phone  and  computer  integration 
Columnist  Ron  Nutter  helps  a  user  who  wants  to  add  ser¬ 
vices  such  as  voice  mail  to  remote  locations  without  having 
to  deal  with  individual  phone  companies  or  different  service 
providers  at  each  locale. 

DocFinder:  2444 
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Help  from  the  pros 

Columnist  Jeff  Zbar  says  if  you're  launching  a  telework  pro¬ 
gram  from  scratch,  you  should  consider  hiring  a  telework 
consultant. 

DocFinder:  2445 
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Riding  on  the  metro 

The  Edge  Managing  Editor  Jim  Duffy  says  Cisco  and  Nortel 
are  moving  toward  the  light  in  a  dim  telecom  market. 

DocFinder:  2446 
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■  Good  BadThellgly 


Slapper  takes  one  on  the  chin 

■  The  first  peer-to-peer  computer  virus  with  denial-of-service  cap¬ 
abilities  —  a  worm  called  Slapper  —  took  a  new  turn  last  week. 
The  original  worm,  Slapper.A,  sets  up  its  own  hacker  peer-to-peer 
network  on  compromised  Linux  Apache  Web  servers.  Copycat 
virus  writers  used  the  source  code  in  Slapper.A  to  produce  two 
variants,  Slapper.B  and  Slapper.C,  which  add  new  “features”  such 
as  the  ability  to  collect  system  configuration  information  or  use  a 
different  port.  Although  the  original  Slapper  infected  at  least 
30,000  Apache  servers,  last  week  it  showed  signs  of  ebbing  to 
fewer  than  1,000  infected  machines.  One  reason  for  that,  accord¬ 
ing  to  security  firm  F-Secure,is  that  someone  sent  a  command  on 
Slappers  peer-to-peer  network  to  kill  the  Slapper.A  worm  on 
infected  servers,  the  first  time  anyone  can  recall  a  worm  being 
used  to  kill  a  worm. “We  thought  of  doing  that,  but  its  invading 
machines,”  says  F-Secures  virus  expert  Mikko  Hypponen.  “We 
talked  to  our  lawyers,  and  they  advised  against  it.  So  it  wasn’t  us.” 

BMC  snatches  up  Remedy . . . 

■  Systems  management  software  maker  BMC  Software  last  week  announced  it  would 
buy  trouble-ticketing  vendor  Remedy  from  Peregrine  Systems  for  $350  million.  BMC  says 
it  expects  the  deal  to  close  within  60  days,  pending  approval  from  the  U.S.  Bankruptcy 
Court  and  regulatory  groups.  Remedy  will  operate  as  an  independent  unit  under  BMC. 
According  to  BMC,  the  companies’  product  lines  have  been  integrated  for  years,  and 
existing  Remedy  customers  will  be  able  to  keep  operations  running  smoothly.  BMC  says 
it  expects  Remedy  to  be  profitable  within  12  months. 

. . .  while  Peregrine  files  for  Chapter  11 

■  Peregrine  Systems  last  week  announced  both  the  sale  of  Remedy  to  BMC  and  its 
decision  to  file  for  Chapter  1 1  bankruptcy.  Pdregrine  acquired  Remedy  in  August  2001 
and  last  May  encountered  its  first  accounting  issues  spanning  2000  and  2001.  In  June, 
FVregrine  began  cutting  jobs  and  closing  offices.The  cuts  affected  Remedy  employees, 
but  the  current  Remedy  head  count  remains  at  more  than  1,000  employees. 

Flock  to  Windows  continues 

■  It  apparently  takes  more  than  a  few  bugs  to  scare  off  the  Microsoft  faithful.  An  IDC 
report  last  week  showed  Microsoft  Windows  accounted  for  almost  49%  of  all  new 
license  shipments  for  server  operating  environments  in  2001,  a  7%  increase  over  the 
previous  year.  The  company  also  garnered  93%  of  new  client  operating  environment 
licenses, a  1  .  jump  over  2000.  IDC  said  there  were  5.7  million  new  license  shipments 


Tesla-powered  PCs 

Tesla  coils  are  cool  devices  that  generate  zillions  of  volts  of  electricity.  Naturally, 
somebody  has  rigged  up  a  pair  to  power  his  PC,  although  he  now  needs  advice  on 
keeping  the  PC  cool  and  how  to  keep  the  neighbors  from  complaining  about  the 

noise. 

Read  more  at:  u'ww.nu'fusion.com,  DocFinder:  2451. 


Break  out  the  shopping  carts.  Senior  IT 


executives  plan  to  increase  their  budgets  by  an  average  of  3.7% 
during  the  next  six  to  12 
months,  according  to  a  new 
survey  by  Aberdeen  Group. 

"We  believe  that  this 
budget  increase  is 
of  a  nascent  resurgence  in 
IT  spending,  especially  since 
the  same  survey  group 
indicated  they  planned  to 
decrease  budgets  by  1.4%  o 
back  in  February,"  says  Hugh 
Bishop,  an  Aberdeen  senior 
vice  president.  > 

Bleeding  continues. 


HARRY  CAMPBELL 


There  appears  to  be  no  letup  in  the  flow  of  pink  slips  among  high- 
tech  giants.  Hewlett-Packard  last  week  reported  it  will  cut  16,800 
jobs  over  the  next  year,  up  1,800  from  previous  estimates.  A  silver 
lining:  HP  is  hiring  in  its  printing  and  services  divisions. 


®  Pig  pile  on  Siebel  .  We’re  not  sure  which  was  uglier: 
The  fact  that  independent  market  research  firm  Nucleus  Research 
found  more  than  61%  of  23  Siebel  reference  customers  reported 
a  negative  return  on  investment  on  their  implementations  after 
more  than  two  years  of  use  or  the  manner  in  which  Siebel's 
competitors  in  the  CRM  market  tripped  over  one  another  to  make 
us  aware  of  the  survey  findings. 


in  the  server  operating  environment  in  2001.  Besides  Microsoft’s  share,  Linux  had 
25.7%,  NetWare  11.7%  and  combined  Unix  11.6%.  IDC  said  Microsoft’s  new  licensing 
program  and  a  push  by  customers  to  upgrade  older  Microsoft  technologies  were  two 
factors  for  the  increases. 

EMC  on  a  buying  spree 

■  EMC  is  speeding  along  the  consolidation  of  the  storage  industry  and  filling  gaps  in 
its  product  line  with  the  acquisition  of  Prisa  Networks,  a  specialist  in  storage  resource 
management  software.  The  company  recently  closed  the  deal  for  $20  million.  EMC 
also  has  bid  on  the  data-recovery  and  back-up  software  of  Sanrise,  a  storage  service 
provider  that  filed  for  bankruptcy  in  June.  Sanrise  had  more  than  600  customers  and 
cash  exceeding  $200  million.  When  the  SSP  market  failed  and  other  companies  con¬ 
verted  to  software  sales, Sanrise  couldn’t  adjust  fast  enough.  An  agreement  is  expected 
to  be  reached  by  year-end.  EMC  also  is  reported  to  have  acquired  the  intellectual 
property  of  Cereva  Networks,  once  a  high-flyer  in  the  industry  with  $137  million  in 
funding  and  a  custom-built  storage  server  meant  to  replace  EMC  Symmetrix  with 
faster,  less-expensive  hardware. 

C&W  sells  customer  list  to  New  Edge 

■  Cable  &  Wireless  is  selling  a  portion  of  its  data  service  customer  list  to  New  Edge 
Networks  for  up  to  $4  million.  C&W  originally  announced  its  plans  to  ditch  some  of 
its  U.S.  data  customers  in  May,  saying  that  the  company  instead  is  focusing  on  more 
profitable  services  such  as  IP  VPN,  Web  hosting  and  content  distribution.  New  Edge 
will  pay  C&W  for  each  of  the  potential  1 ,500  dedicated  IP  frame  relay  and  private-line 
customers  that  move  to  its  network.  C&W  also  sold  its  voice  customer  list  to  Primus 
Telecommunications  earlier  this  month  for  up  to  $32  million. 

SBC  to  cut  another  11,000  jobs 

■  Regional  Bell  operating  company  SBC  Communications  announced  last  week  that 
it  will  cut  its  workforce  by  about  1 1,000, approximately  6%  of  its  total  workers.The  lay¬ 
offs  are  in  addition  to  10,000  jobs  SBC  already  cut  this  year. The  carrier  also  slashed  its 
capital  spending  forecast  for  2003  from  $6  billion  to  $5  billion.  SBC  spent  almost  $8 
billion  this  year. 
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Dell  J  Managed  Switches 

PowerConnect”  3024*  Switch 

Scalable,  High-Performance  Managed  Switches 

•  24  fast  Ethernet  Ports  Plus  2  Built-In  Gigabit*  Uplinks 

•  Up  to  128  Gbps  of  Wire-Speed  Switching  Capacity 

•  Stackable  (Supports  up  to  144  FE  Ports  in  a  Stack) 

•  Remote  Access  and  Management  Capabilities 

•  3-Yr  Next  Business  Day  Unit  Replacement* 

£ as  low  as  S20/mo..  (46  pmtsx)  60  Days 
31^  %<l  Same-As-Cash  for  qualified  customers 

WWW  E-VALUE  Code:  12883-  S10906 


PowerConnect”  3248*  Switch 

NEW  High-Performance  Enterprise  Class  Managed  Switches 

•  48  fast  Ethernet  Ports  Plus  2  Built-In  Gigabit*  Uplinks 

•  Multi-Layer  Traffic  Classification  at  Layers  2, 3.  and  4 

•  Advanced  Management  via  Browser  or  Industry-Standard  CLI 

•  3-Yr  Next  Business  Day  Unit  Replacement* 

•  Sale  Price  Includes  $100  Discount 

£  M  m  g*  f*  as  low  as  $40/mo. .  (46  pruts*)  60  Days 
Same-As-Cash  for  qualified  customers 

■  WWW  E-VALUE  Code:  12883- S10913 


PowerConnect"  3048*  Switch 


NEW  Rack-Dense,  High-Performance  Managed  Switches 

•  48  Fast  Ethernet  Ports  Plus  4  Built-In  Gigabit*  Uplinks 

•  Up  to  21 .6  Gbps  of  Wire-Speed  Switching  Capacity 

•  Stackable  (Supports  up  to  144  FE  Ports  in  a  Stack) 

•  3-Yr  Next  Business  Day  Unit  Replacement5' 

•  Sale  Price  Includes  $100  Discount 

as  low  as  $34/mo ,  (46  pmts.x)  60  Days 
I  I  *1  *1  Same-As-Cash  for  qualified  customers 

■  w  W  E-VALUE  Code:  12883-  S10911 


PowerConnect”  5224*  Switch 


NEW  High-Performance  All-Gigabit*  Managed  Switches 

•  24  Copper  Gigabit*  Ports  Plus  4  SFP  Fiber  Uplinks 

•  Layer-3  Aware  Class  of  Service  Prioritization 

•  Advanced  Management  via  Browser  or  Industry  Standard  CLI 

•  3-Yr  Next  Business  Day  Unit  Replacement* 

•  Sale  Price  Includes  $100  Discount 

as  low  as  S68/mo„  (46  pmtsx)  60  Days 
O  m  Same-As-Cash  for  qualified  customers 

LJJ  J  E-VALUE  Code:  12883-  S10923 


Managed  switches  you  can  count 
on  to  do  more  than  just  save  money.  Just  what  you'd  expect  from  Dell,  proven  technology 
that  cuts  costs.  So  whether  you're  building  your  first  network  or  expanding  your  existing  one, 
Dell  PowerConnect  managed  switches  can  handle  your  busy  organization  and  help  you  save 
money.  Equipped  with  the  latest  industry-standard  technology,  PowerConnect  switches  are 
highly  interoperable  and  easily  integrate  into  an  existing  network.  They're  scalable  for  future 
growth  and  have  easy-to-use  management  features  to  help  you  improve  network  up-time 
and  security.  PowerConnect  switches  include  Next  Business  Day52  Unit  Replacement  and, 
of  course,  they’re  all  backed  with  Dell's  service  and  support.  Choosing  Dell  PowerConnect 
switches  means  you  won't  have  to  sacrifice  performance  for  price.  And  that's  a  concept 
you'll  definitely  want  to  plug  into. 


© 

USE  THE  POWER  OF 
THE  E-VALUE  CODE 

Match  our  latest  technology 

with  our  latest  prices  Enter  the 

VALUE 

E -VALUE  code  online  or  give  it 
to  your  sales  rep  over  the 
phone  www  dell  com/evalue 

a%{fea  ■  ~ 

Growing  your  network.  Easy  as 

Visit  www.dell.com/switch  or  call  toll  free  1-800-437-0182. 


Cali:  M  F  7a  9p|Sa1  8a  5p  CT. 

:  iity  and  terms  of  offer  may  change  without  notice  Taxes  and  shipping  charges  extra,  and  vary  U.S  new  purchases  only  LIMIT  5  DISCOUNTED  OR  PROMOTIONAL  ITEMS  PER  CUSTOMER  <i5e  of  customers  leasing  under  these  promo* 
will  be  subject  to  applicable  end -of  lease  options  or  requirements  Dell  cannot  be  responsible  for  errors  in  typography  or  photography 

•This  device  has  not  been  approved  by  the  Federal  Communications  Commission  for  use  in  a  residential  environment  This  device  is  not.  and  may  not  be.  offered  tor  sale  01  lease,  or  sold  or  leased  for  use  in  a  residential  environment  until  the  approval  of  the  FCC  lias  been  obtained 

‘•Monthly  payment  based  on  48-month  QuickLoan  at  12.99%  interest  rate  for  qualified  Small  Business  customers  Your  interest  rate  and  monthly  payment  may  be  same  or  higher,  depending  on  your  creditworthiness  Minimum  transaction  size  of  $500  required  Maximum  aggregate  financed  amount  not  to  exceed 
$25,000  Under  60  Days  Same  As  Cash  QuickLoan,  .merest  accrues  during  first  60  days  after  QuickLoan  Commencement  Date  (which  is  five  days  after  product  shipsi  if  balance  not  paid  within  these  60  days  OFFER  VARIES  BY  CREDITWORTHINESS  OF  CUSTOMER  AS 
DETERMINED  BY  LENDER  Taxes,  fees  and  shipping  charges  are  extra  and  may  vary  Not  valid  on  past  orders  or  financing  QuickLoan  arranged  by  CIT  OnLine  Bank  to  Small  Business  customers  with  approved  credit.  This  term  indicate,  compliance  with  IEEE  standard  802. 3ab  tor  Gigabit  Ethernet,  and  doe',  not 
connote  actual  operating  speed  of  1  Gb/sec  For  high  speed  transmission,  connection  to  a  Gigabit  Ethernet  server  and  network  infrastructure  is  requited  Service  or  replacement  unit  (depending  on  service  contract)  may  be  provided  by  third  party  provider  Technician  or  replacement  unit  will  be  dispatched  if 
necessary  following  phone-baaed  troubleshooting  To  receive  next  business  day  service.  Dell  must  notify  the  service  provider  before  5pm  (depending  un  service  contract)  customer  time  Availability  vanes  Dell,  the  stylized  E  logo.  E-VALUE,  and  PowerConnect  are  trademarks  of  Dell  Computer  Corporation  '02002 
Dell  Computer  Corporation  All  rights  reserved 
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Network  Appliance  opening  up  to  SANs 


■  BY  DENI  CONNOR 

NEW  YORK  —  Network  Appli¬ 
ance  this  week  is  expected  to 
announce  a  handful  of  products 
that  it  claims  will  offer  customers 
for  the  first  time  the  flexibility  of 
simultaneous  access  to  storage 
area  network  and  network- 
attached  storage  data. 

Having  made  its  mark  as  a  NAS 
vendor,  the  company’s  new 
FAS960  and  FAS940  storage  de 
vices  will  connect  to  Ethernet 
and  Fibre  Channel  networks,  and 
serve  data  from  both.  Network  Ap¬ 
pliance  also  will  introduce  a  ver¬ 
sion  of  its  operating  system,  Data 
ONTAP  6.3,  which  enables  SAN 
capability  for  the  FAS960  and 
FAS940,  while  providing  a  higher 
storage  capacity  and  larger  vol¬ 
ume  sizes.  Dividing  disks  into 
fewer  volumes  can  increase  per¬ 
formance. 

While  customers  are  excited 
that  Network  Appliance  will  be 
able  to  supply  them  with  file- 
level  NAS  and  block-level  SAN 
data,  they  are  concerned  about 
other  issues,  such  as  perfor¬ 
mance  and  support. 


“Network  Appliance  will  have 
to  prove  performance  and  relia¬ 
bility  before  they  can  penetrate 
the  [SAN]  market,”  says  Shelly 
Shostak,  lead  Unix  administrator 
for  mobile  communications  com¬ 
pany  Quicksilver  Technology  in 
San  Jose.  Shostak  has  two  Net¬ 
work  Appliance  F760  file  servers 
running  Version  6.1.2  of  Data 
ONTAP 

“[SAN]  devices  still  don’t  play 
together  very  well.  It  is  imperative 
that  Network  Appliance  be  able 
to  provide  a  solution  it  knows 
works  [with  other  products]  and 
can  provide  customer  support  for 
it,”  Shostak  says. 

So  far,  Network  Appliance  has 
done  little  of  the  integration  with 
other  SAN  devices  that  users  and 
vendors  find  critical  to  SAN  im¬ 
plementations,  experts  say. 
Sources  say  that  Network  Appli¬ 
ance  will  only  announce  interop¬ 
erability  with  Brocade  Communi¬ 
cations  Fibre  Channel  switches. 

Network  Appliance  declined  to 
comment  on  its  upcoming  news. 

The  FAS960  and  FAS940  will  be 
SAN-enabled  when  the  new  ver¬ 
sion  of  ONTAP  ships.  Until  then, 


SAN/NAS  convergence 


Network  Appliance’s  FAS960  and  FAS940  are  the  first  arrays  that  retrieve  both  block- 
and  file-level  data.  Here’s  a  sampling  of  SAN/NAS  convergence  devices. 


Vendor 

Product 

File/block 

concurrent 

How  implemented 

Auspex 

NSc300000 

No 

Attaches  block-based  SAN  storage  to  the  Ethernet  network 
so  its  contents  can  be  viewed  and  retrieved  as  files. 

EMC 

Celerra 

No 

Attaches  block-based  SAN  storage  to  the  Ethernet  network 
so  its  contents  can  be  viewed  and  retrieved  as  files. 

IBM 

TotalStorage  Net¬ 
work  Attached 
Storage  300G 

No 

Attaches  block-based  SAN  storage  to  the  Ethernet  network 
so  its  contents  can  be  viewed  and  retrieved  as  files. 

LeftHand 

Networks 

Network  Storage 
Module  100 

Yes,  by  late 
October 

Operates  as  a  single  block-  and  file-level  device;  contains 
IDE  drives. 

Network 

Appliance 

FAS960,  FAS940 

Yes 

Operates  as  a  single  block-  and  file-level  device;  contains 
Fibre  Channel  drives. 

they  operate  only  as  NAS  devices. 
The  boxes  also  include  upgraded 
dual  processors:  the  FAS960  oper¬ 
ates  at  2GHz;  the  FAS940  at 
1.8GHz. 

Customers  who  have  tested  the 
boxes  with  only  file-level  capa¬ 
bility  say  they  are  seeing  a  25% 
performance  increase  over  Net¬ 


work  Appliance’s  F880  file  server. 
With  the  upgraded  processors, 
they  see  transfer  times  reduced 
by  one-third. 

“This  increase  in  performance, 
however,  doesn’t  factor  in  what 
will  happen  when  SAN  [capabili¬ 
ty]  is  turned  on,”  says  a  storage 
administrator  who  asked  not  to 


Some  say  bandwidth  prices  set  to  rise 

But  analysts  say  negotiating  good  deals  will  remain  possible. 

Get  a  better  deal 


■  BY  MICHAEL  MARTIN 

The  demise  of  numerous  telecom  providers 
and  struggles  of  others  such  as  WorldCom, 
Global  Crossing  and  XO  Communications 
could  cause  the  services  prices  of  more  stable 
players  to  rise,  according  to  some  experts. 

“We  think  the  days  of  the  network  manager 
being  a  hero  and  renegotiating  the  price  of 
network  services  down  by  20%  a  year  are 
over’  says  Jay  Pultz,  a  vice  president  and 
research  director  with  Gartner. 

Gartner  has  begun  telling  its  clients  to  lock  in 
rates  with  their  network  service  providers  now, 
because  there  are  indications  that  prices  from 
established  carriers  such  as  AT&T  and  Sprint 
are  on  the  rise. 

In  general,  Pultz  expects  prices  for  data  ser¬ 
vices,  including  frame  relay,  ATM  and  private 
line,  to  rise  between  3%  and  5%  over  the  next 
year.  Prices  for  voice  could  go  up  between  5% 
and  10%,  he  says. 

“Long-distance  voice  is  likely  to  be  most  sus¬ 
ceptible  to  near-term  price  increases,  because 
it’s  the  service  that  until  now  has  dropped  in 
price  the  most  dramaticallyf  he  says. 

Of  course,  because  data  rates  vary  region  by 
region  depending  on  supply  and  demand  in  a 
particular  area,  prices  won’t  increase  every¬ 
where,  Pultz  says. 


Here  are  some  tips  from  Gartner  for 
dealing  with  your  network  service 
providers. 

Lock  in  rates  for  U.S.  locations  now, 
because  prices  will  start  to  rise. 

Negotiate  flexible  clauses  that  can  get  you 
out  of  your  contract. 

Make  your  annual  commitments  to  any  one 
cameras  small  as  possible. 

If  you  haven’t  renegotiated  a  contract  for 
a  while,  do  so  now  to  take  advantage  of 
low  prices. 

International  services  could  continue  to 
decrease  in  price,  Pultz  says,  because  those 
prices  are  currently  so  high. 

With  fewer  telecom  competitors,  there’s  less 
opportunity  for  business  users  to  shop  around 
for  bargains,  says  Rosemary  Cochran,  an  ana¬ 
lyst  with  Vertical  Systems  Group.  Users  also  are 
becoming  more  reluctant  to  change  their  ser¬ 
vice  providers,  she  says. 

"There’s  a  flight  to  quality  back  to  the  estab¬ 
lished  carriers,  because  of  all  the  [competitive 
local  exchange  carriers]  and  ISPs  that  have 
gone  out  of  business,”  Cochran  says. 

IP  VPNs  were  supposed  to  help  drive  data 


networking  costs  down,  but  Cochran  says  that 
hasn’t  really  happened. 

To  get  an  IP  VPN  installed,  users  still  require 
some  kind  of  dedicated  access  for  the  last 
mile,  unless  they’re  willing  to  take  a  quality-of- 
service  hit  with  a  DSL  or  cable  connection. 
And  if  users  want  reliable  performance  over 
an  IP  WAN,  they’ll  have  to  pay  more  for  a  pri¬ 
vate  carrier  IP  network. 

“To  get  the  same  reliability  for  IP  VPN  as  a 
frame,  private  line  or  ATM  connection,  you’re 
not  going  to  be  saving  a  lot  of  money’ 
Cochran  says. 

Another  area  where  prices  should  contin¬ 
ue  to  decrease  is  on  high-capacity  lines  such 
as  OC-3s. 

“There’s  still  a  lot  of  room  for  negotiation” 
Cochran  says. 

Users  willing  to  go  with  less  stable  providers 
that  are  close  to  bankruptcy  or  emerging  from 
bankruptcy,  also  likely  can  cut  better  deals. 

Pultz  says  when  Global  Crossing  emerges 
from  Chapter  11,  it  will  have  no  debt  and  a 
multibillion  dollar  network.  So  it  can  afford  to 
offer  customers  cut-rate  prices. 

In  the  long-term,  though,  the  Global  Cross¬ 
ings  of  the  world  are  going  to  have  to  invest 
in  new  network  equipment  to  launch  new 
services,  so  the  cut-rate  strategy  won’t  work 
forever,  Pultz  says.  ■ 


be  identified. 

The  Network  Appliance  devices 
fit  into  a  group  of  arrays  Gartner 
calls  NAS  gateways  —  devices 
that  let  users  on  the  Ethernet  net¬ 
work  view  the  data  on  the  Fibre 
Channel  network  as  files  rather 
than  blocks  of  information. 

Most  arrays  on  the  market  only 
handle  either  NAS  or  SAN  data. 
Vendors  that  have  introduced 
NAS  gateways  in  the  past  two 
years  are  storage  giants  EMC  and 
IBM,  and  start-up  LeftHand  Net¬ 
works.  EMC  introduced  Celerra; 
IBM  launched  the  TotalStorage 
Network  Attached  Storage  300G; 
and  LeftHand  Networks  prom¬ 
ises  with  its  Network  Storage 
Module  100  the  ability  to  view 
block-  and  file-level  data  concur¬ 
rently  from  their  devices  as  soon 
as  next  month. 

The  market  for  NAS  gateways  is 
expected  to  grow  quickly  as  cus¬ 
tomers  want  to  access  SAN  or 
NAS  data  from  one  device. 
Gartner  predicts  that  about  1.4 
million  units  will  ship  this  year, 
climbing  to  more  than  10.2  mil¬ 
lion  units  in  2006. 

The  FAS960  and  940  replace 
Network  Appliance’s  F880  and 
F840  file  servers. The  FAS960  will 
feature  as  much  as  16  terabytes 
of  capacity;  the  smaller  FAS940 
will  handle  up  to  9  terabytes.  A 
Remote  Management  Card  also 
will  be  offered  for  the  FAS960 
and  FAS940.  A  software  product 
called  SyncMirror,  which  is  used 
on  NAS-only  F800  Series  file 
servers,  also  will  be  included. 
SyncMirror  allows  two  copies  of 
a  file  system  to  be  offered  for 
fault  tolerance  ■ 


nil 


So  many  network  applications. 
So  little  throughput. 

It’s  time  for  Gigabit  to  the  desktop. 


The  surge  in  network  applications  has  caused  bottlenecks  on  desktops  everywhere.  The  solution?  Help  your 
organization  tackle  all  those  network  backups,  remote  software  distributions  and  massive  file  downloads  by 
providing  an  equally  massive  increase  in  throughput.  With  the  Intel®  PRO/IOOO  MT  Desktop  Connection, 
you’ll  benefit  from  10  times  the  throughput.  Other  advantages:  a  Gigabit  connection  works  on  an  existing 
10/100  Mbps  Cat-5  network,  and  will  seamlessly  ramp  up  to  1000  Mbps.  When  this  Gigabit  connection 
is  combined  with  the  Intel®  Pentium®  4  processor,  studies  have  demonstrated  a  significant  boost  in  desktop 
performance.  Intel,  the  leader  in  desktop  connections,  makes  multi-tasking  less  of  a  task  —  cost-effectively 
and  without  any  need  for  expensive  rewiring.  Intel®  PRO  Network  Connections.  The  intelligent  way  to  connect. 


For  a  trial  kit,  product  and  test  information:  www.intel.com/go/desktopgig 


ind  other  countries.  A8  rights  reserved 
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Reaping  the  rewards  of  best  practices 


■  BY  DENISE  DUBIE 

IT  managers  with  tight  budgets 
and  growing  demands  might 
want  to  check  out  a  set  of  best 
practices  that  have  the  likes  of 
Proctor  &  Gamble  and  the  U.S. 
Navy  talking  about  its  promise  to 
cut  costs  and  optimize  services. 

The  Information  Technology  In¬ 
frastructure  Library  (ITIL)  is  a  set 
of  rules  for  how  to  deliver  IT  ser¬ 
vices  more  efficiently  by  improv¬ 
ing  management  processes 
across  IT  departments  that  sup¬ 


port  networks,  applications,  data¬ 
bases  and  systems.  Developed  in 
1992  and  maintained  by  the  U.K.’s 
Office  of  Government  Com¬ 
merce,  ITIL  originally  served  as  a 
set  of  standards  that  service  pro¬ 
viders  had  to  follow  to  deliver  IT 
services  to  the  British  govern¬ 
ment.  After  its  inception,  public 
companies  realized  the  benefits 
and  implemented  parts  of  ITIL  in 
their  internal  IT  departments. 

Proctor  &  Gamble  representa¬ 
tives  told  about  1 ,000  attendees  at 
the  International  IT  Service 


Management  Summit  in  Boston 
last  week  that  the  global  company 
has  saved  about  $500  million 
across  multiple  departments 
since  beginning  to  streamline 
processes  with  ITIL  four  years  ago. 

“It  all  comes  down  to  the  fact 
that  IT  is  an  integral  part  of  sup¬ 
porting  the  business,” says  Morton 
Cohen,  manager  of  global  service 
management  at  Proctor  &  Gam- 
ble.“When  IT  processes  are  done 
by  5,000  people  consistently 
across  one  company  service 
management  can  deliver  tremen¬ 
dous  savings.” 

Cohen,  who  co-chairs  the  Inter¬ 
national  IT  Service  Management 
Forum  (ITSMF)  with  8,000  mem¬ 
bers  worldwide  and  about  700  in 
the  U.S,  says  Proctor  &  Gamble’s 
IT  group  avoided  spending  $125 
million  by  implementing  the  ser¬ 
vice  management  processes  out¬ 
lined  by  ITIL. 

Proctor  &  Gamble  imple¬ 
mented  ITIL’s  “Follow  The  Sun” 
management  process,  which 
entails  staffing  network  data  and 
operations  centers  around  the 
world  according  to  time  zone.  For 
instance,  IT  management  staff  in 
the  Cincinnati  headquarters  man¬ 
ned  shifts  from  1 1  a.m.  to  7  p.m. 
local  time,  while  staff  at  the 
Brussels  data  center  worked  9 
a.m.  to  5  p.m.  local  time,  and  in 
Singapore,  network  operations 
punched  the  clock  from  7  a.m.  to 
3  p.m.  local  time.  The  staffing  let 
Proctor  &  Gamble  use  employees 
worldwide  to  ensure  all  its  data 
centers  were  fully  staffed  from  8 
a.m.  to  5  p.m.  in  each  location’s 
local  time  —  without  adding  staff. 

And  while  ITIL  does  not  recom¬ 
mend  specific  vendor  hardware 
or  software,  it  gives  network  man¬ 
agers  guidelines  on  how  to  imple¬ 
ment  repeatable  and  consistent 
processes  to  eliminate  human 
error  caused  by  solving  IT  prob¬ 
lems  on  the  fly  The  foundation  of 
ITIL’s  principles  can  be  used 
throughout  a  company:  Proctor  & 
Gamble  used  the  ITIL  tenets  in  its 
accounting,  human  resources 
and  other  departments. 

Among  the  IT  processes  ITIL 
addresses  are:  service-level  man¬ 
agement,  capacity  management, 
contingency  planning, availability 
management,  cost  management 
for  IT  services, configuration  man¬ 
agement,  problem  management, 
change  management,  help  desk, 
and  software  control  and  distrib¬ 
ution.  ITIL  certification  programs 
promise  to  train  IT  professionals 


Itching  for  ITIL? 

Information  on  how  to 
implement  ITIL  is  avail¬ 
able  from  many  sources: 

ITIL  resources 

www.itil.co.uk 

www.itilbooks.com 

IT  Service  Management 
Forum 

www.itsmf.net  (U.S.) 
www.itsmf.com  (U.K.) 

British  Standards 
Institution 

www.bsi.org.uk 

Information  Systems  Audit 
and  Control  Association 

www.isaca.org 

Training,  certification  and 
additional  ITIL  literature  is 
available  for  purchase  at 
www.clicktso.com  and 
www.pinkelephant.com 

w 
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to  adapt  ITIL  to  their  networks. 

“ITIL  is  about  having  processes 
in  place  that  enable  the  people, 
software  and  hardware  you  do 
have  to  work  better  so  ultimately 
the  need  to  fight  fires  lessens,” 
says  Glenn  O’Donnell,  a  research 
director  with  Meta  Group. 

While  companies  and  govern¬ 
ments  worldwide  adopted  ITIL  at 
its  inception  in  1992  as  a  founda¬ 
tion  for  IT  best  practices,  the  North 
American  IT  community  only 
awakened  to  its  potential  benefits 
during  the  past  18  months. 

“It’s  partly  the  cowboy  nature  of 
America.  IT  people  here  seem  to 
always  put  the  tools  before  the 
rules’’  says  D.  Akira  Robinson,  a 
computer  scientist  with  the  U.S. 
Navy  which  started  rolling  out  ITIL 
processes  10  months  ago.  He  says 
the  government  began  working 
with  ITIL  after  it  signed  a  services 
contract  with  outsourcing  giant 
Electronic  Data  Systems  (EDS). 

“What  EDS  brought  to  the  table 
in  terms  of  service  management 
opened  eyes  about  the  best  prac¬ 
tices,"  he  says,  adding  that  the 
Navy  wanted  to  implement  those 
same  practices  available  with  out¬ 
sourcers  internally. 

Robinson  says  many  might 
think  ITIL  is  academic,  but  experi¬ 
ence  taught  him  ITIL  isn’t  about 
theories  for  IT  management,  but 
about  how  to  better  manage,  what 
to  do  and  why  to  do  it. 


Organizations  such  at  the  Strat¬ 
egic  Sourcing  Advisory  Council 
(SSAC)  —  formerly  the  MSP  As¬ 
sociation  —  are  encouraging 
outsourcing  companies  and  ser¬ 
vice  providers  to  get  ITIL-certi- 
fied  to  compete  with  internal  IT 
departments  at  large  companies 
now  learning  of  ITIL,  along  with 
companies  such  as  EDS. 

“It’s  a  way  to  track  how  your 
provider  is  performing  point  by 
point,”  says  Edward  Taton,  vice 
president  of  business  develop¬ 
ment  at  IntelliNet  and  spokes¬ 
man  for  the  SSAC.  “IT  depart¬ 
ments  may  not  track  how  they 
perform  these  services,  but  as  an 
outsourcer,  if  you  go  in  to  sell  a 
service  based  on  an  ITIL 
process,  it’s  considered  proven.” 

But  while  ITIL  promises  cost 
savings  and  IT  operational  effi¬ 
ciencies,  implementing  the  same 
processes  for,  say,  change  man¬ 
agement  across  what  still  remain 
IT  silos  —  network, system,  appli¬ 
cation,  database,  help  desk  and 
service  management  —  would 
pose  a  challenge  for  most  corpo¬ 
rate  IT  departments. 

“It’s  not  a  shrink-wrapped  prob¬ 
lem  resolution.  The  company’s 
technology  decision-makers  — 
the  CIO,  the  CTO  —  have  to  make 
the  effort  to  improve  operational 
efficiencies  and  train  their  staff,” 
O’Donnell  says.  An  ITSMF  found¬ 
ing  company,  ManageOne,  of 
Dallas  and  London,  estimates  it 
takes  at  least  six  to  nine  months 
to  reap  even  the  early  benefits  of 
implementing  1T1L.B 
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■  THIS  WEEK’S  QUESTION: 

Michael  Barrett,  the  new 
president  of  the  Liberty 
Alliance  (a  group  suppor¬ 
ting  standards  for  authen¬ 
ticating  online  identities), 
is  vice  president  of 
Internet  strategy  at  which 
large  enterprise  network 
user? 

Answer  tfis  and  me  adduonal  questions 
online  and  you  could  wm  $500!  Visit 

Notwwfc  World  Fusion  and  enter  2349 
in  the  Sfarch  pox. 

www.nwfusion.com 


Cisco  combines 
security  tools 

■  BY  PHIL  HOCHMUTH 

SAN  JOSE  —  Cisco  last  week  announced  upgraded  software  that 
offers  control  over  multiple  types  of  Cisco  network  security  products 
from  a  single  Web-based  application. 

CiscoWorks  VPN/Security  Management  Solution  (VMS)  2.1  consoli¬ 
dates  multiple  security  management  applications  onto  one  server  and 
can  give  IT  security  staff  a  big-picture  view  of  events  as  they  happen 
across  Cisco  VPN  routers,  IPX  firewalls, intrusion-detection  system  (IDS) 
hardware  and  server-based  host  sensors. 

The  new  software  combines  the  VPN  configuration  and  management 
tools  of  CiscoWorks  VMS  2.0  with  two  separate  Secure  Policy  Manager 
(CSPM)  versions  previously  used  for  configuring  PIX  firewalls  and 
Cisco  IDS  hardware  and  host-sensor  software.  The  $8,000  software 
package  also  is  designed  to  centralize  event  logs  from  multiple  secur¬ 
ity  points  in  the  network  and  lets  users  corroborate  events  across  boxes 
as  they  happen,  such  as  a  hacker  attempting  to  bypass  a  firewall  and 
access  a  server  monitored  by  an  IDS  appliance. 

Before  CiscoWorks  VMS  2.1  was  deployed  at  the  county  of  Los  Ang¬ 
eles,  the  IT  department  used  two  versions  of  CSPM  software  for  man¬ 
aging  its  PIX  firewalls  and  Cisco  IDS  gear,  says  Jac  Fagundo,  senior  IT 
specialist  with  L.A.  County 

“You  had  to  have  these  versions  of  [CSPM]  on  separate  servers,  and 
they  didn’t  talk  to  each  other  at  all,"  he  says.  With  the  new  software, “it’s 
a  lot  easier  to  deploy  all  of  your  security  [devices  and  software]  from 
one  tool.”  L.  A.  County  also  has  Cisco  VPN  equipment,  but  does  not  use 
CiscoWorks  VMS  to  manage  that  part  of  the  network. 

Fagundo  adds  that  another  helpful  feature  of  CiscoWorks  VMS  2.1  is 
an  Auto  Update  Server  module,  which  can  be  used  to  push  intrusion- 
detection  signatures  and  policy  updates  to  all  Cisco  security  gear. 

Cisco  also  released  its  Access  Control  Server  (ACS)  3. 1 ,  an  authenti¬ 
cation  server  that  runs  on  Windows  NT  or  2000,  with  support  for  the 
emerging  Protected  Extensible  Authentication  Protocol  (PEAP)  for 
securing  wireless  LANs. 

PEAP  was  developed  by  Cisco,  Microsoft  and  RSA  Security,  and  is  a 
proposed  IETF  standard.  It  is  a  modified  version  of  the  IEEE  802.  lx 
Layer  2  authentication  protocol  that  can  be  used  to  force  wired  and 
wireless  clients  to  authenticate  to  a  network  port  or  access  point 
before  gaining  basic  network  con¬ 
nectivity  or  receiving  an  IP  address. 

In  addition  to  PEAP  Cisco’s  ACS 
now  supports  802. lx  and  a  propri¬ 
etary  wireless  LAN  authentication 
technology  called  Lightweight  Ex¬ 
tensible  Authentication  Protocol. 

ACS  3. 1  costs  $6,000  ■  OoeFinder  5434  www.nwfusion.com 
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Ay  ay  a  scores  with  one  of  the  world's 
largest  IP  Telephony  networks. 

Billions  watched  the  FIFA  World  Cup™  as  the  vital  voice 
and  data  from  the  world’s  largest  sporting  event  was  sent 
over  one  of  the  world's  largest  converged  networks,  designed, 
built  and  maintained  by  Avaya.  Typically  a  12-month  project,  it 
was  completed  In  just  four,  and  saved  hundreds  of  thousands  of 
dollars  in  costs.  Our  IP  Telephony  solutions  handled  close  to  1 00, 000 
IP  phone  calls  per  day  and  peak  data  traffic  four  times  that  of  a 
typical  FORTUNE  500®  company.  Working  with  27  venues  in  two  countries 
and  40,000  network  connections,  Avaya,  a  global  leader  in  voice  and  data 
networks,  delivered  a  practically  flawless  performance.  Utilizing  the  expertise 
of  our  Global  Services  organization  and  patented  Avaya  EXPERT  Systems su 
diagnostic  tools,  the  network  handled  12.03  terabytes  of  data  securely  and 
reliably  —  with  virtually  zero  downtime.  See  what  Avaya  can  do  for  your  business. 
For  a  case  study  of  the  FIFA  World  Cup™  network,  visit  avaya.com/nowtwo 
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With  Avaya,  you’re  already  this  close  to  IP  Telephony. 


Because  Avaya,  the  leader  in  voice  solutions,  has  opened  up  the  world  of  IP  Telephony  to  any 
business.  In  fact,  our  feature-rich  MultiVantage™  software  works  in  an  open  architecture.  This  allows  you 
to  utilize  your  existing  investment  in  both  Telephony  and  LAN  switches,  while  extending  Enterprise 
Class  IP  Solutions  to  anywhere  in  your  network.  So  you  get  the  flexibility  to  deploy  new  capabilities 
exactly  where  they’re  needed  —  while  leveraging  your  current  network  and  applications  investments. 
To  begin  assessing  your  network,  contact  us  at  866-GO-AVAYA.  Or  learn  more  at  avaya.com/yes 
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Siemens'  distributed  VoIP  blueprint 

Siemens  is  upping  the  capacity  of  its  enterprise  IP  PBX,  the  HiPath 
5000,  and  recasting  its  midsize  HiPath  3000  as  a  gateway  device. 


Siemens'  HiPath  5000  can  support  up  to  2,000  IP  phone  users  located  across  remote  offices  and 
at  a  central  site.  New  software  for  the  HiPath  3000  IP  PBX  allows  the  device  to  offload  H.323 
gateway  and  TDM/IP  trunking  from  the  HiPath  5000,  and  free  up  processing  capacity  on  the  switch. 


Corporate  headquarters 

Siemens  Siemens  QoS 

HiPath  5000  2000  appliance 


Siemens 
HiPath  3000 
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HiPath  3000  IP  PBX 
supports  up  to  500 
local  IP  phones  and 
can  act  as  a  stand¬ 
alone  IP  PBX  in  a 
remote  office  in  case 
of  a  WAN  failure. 


Remote  office 

Siemens  QoS 
2000  appliance 
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Siemens 

continued  from  page  1 

on  the  packet  telephony  world. 

At  the  heart  of  the  new  capabilities  is 
Version  4.0  of  Siemens’  call-control  soft¬ 
ware,  which  runs  the  HiPath  5000  in  corpo¬ 
rate  sites  and  the  HiPath  3000  in  smaller 
offices. 

While  the  4.0  software  does  not  increase 
the  capacity  of  the  HiPath  3000  —  500  lines 
—  it  does  let  HiPath  3000s  act  as  H.323 
gatekeepers  and  TDM  trunk/gateways  for  a 
centralized  HiPath  5000. Off-loading  public 
switched  telephone  network  and  voice- 
over-lP  trunk  processing  and  H.323  gate¬ 
keeper  functions  —  call  setup,  teardown  — 
to  the  HiPath  3000  means  the  HiPath  5000 
can  handle  more  calls, Siemens  says. 

“Adding  capacity  to  the  HiPath  5000  is 
going  to  strengthen  [Siemens’]  position  to 
compete  against  the  big  incumbents  like 
Avaya  and  Nortel,  which  have  both  packet 
and  TDM  telephony  plays, "says  Brian  Riggs, 
a  senior  analyst  with  Current  Analysis. 

Riggs  says  it  is  important  for  Siemens  to 
emphasize  its  server-based,  pure  IP  tele¬ 
phony  systems,  such  as  the  HiPath,  for  cus¬ 
tomers  looking  for  a  completely  con¬ 
verged  voice  system.  This  also  could  help 
the  company  compete  against  vendors 
such  as  3Com  and  Cisco,  which  are  leaders 
in  IP  telephony  but  have  no  legacy  tele¬ 
phony  customer  base  to  draw  from,  as 
does  Siemens. 

VoIP  disaster  recovery 

The  4.0  software  also  will  let  HiPath  3000s 
act  as  Survivable  Media  Gateways  (SMG) 
in  HiPath  5000  networks.  In  this  SMG  mode, 
Siemens  says,  each  box  could  continue 
providing  local  phone  access  and  com¬ 
plete  telephony  features  to  a  branch  office 
if  a  WAN  link  went  down  or  the  central 
HiPath  5000  failed. 

The  technology  is  an  answer  to  Cisco’s 
Survivable  Remote  Site  Telephony  (SRST) 
on  its  routers,  observers  say  SRST  provides 
dial  tone  and  some  calling  features  when 
connectivity  to  a  central  Cisco  IP  PBX  is 
broken.  Siemens  says  it  improves  on  this 
idea  —  introduced  by  Cisco  last  year  —  by 
providing  full  PBX  functionality  to  IP  tele¬ 
phony  users  who  are  cut  off,  whereas  the 
SRST  supports  few  features  beyond  dial 
tone,  hold  and  call  transfer. 

Up  to  64  remote  HiPath  3000s  can  be 
clustered  across  LAN  or  WAN  links,  with  a 
HiPath  5000  acting  as  the  hub  of  the  IP 
telephony  network.  Remote  systems  and 
the  central  IP  PBX  share  a  single  user  direc¬ 
tory,  dial  plan  and  features. 

“Survivability  is  very  important”  in  an  IP 
telephony  system,  says  Brian  Strachman, 
an  analyst  with  Cahners  In-Stat.  “Many 
enterprises  that  have  IP  PBXs  use  them 
[in]  remote  offices”  to  connect  back  to 
centrally  located  PBX  or  IP  PBX  systems, 
he  says. 

“Raising  scalability  is  the  right  move,”  he 
adds,  because  that’s  where  the  money  will 
be  in  the  next  few  years  —  large  compa¬ 
nies  looking  to  replace  old  PBXs  with  IP 

This  also  could  help  Siemens  improve 
its  position  in  the  LAN  telephony  market, 


which  will  reach  $3  billion  worldwide  by 
2005,  Strachman  says.  While  Siemens  does 
not  report  IP  PBX  and  handset  sales, 
Strachman  estimates  that  Siemens  ranks 
in  the  bottom  half  of  the  top  10  sellers  of 
IP  telephony  equipment. 

Version  4.0  of  the  HiPath  3000  and  5000 
call  control  software  will  cost  between 
$310  and  $720,and  is  expected  to  be  avail¬ 
able  in  the  first  quarter  of  2003. 

QoS  in  the  mix 

To  help  customers  deploy  converged 
environments,  Siemens  is  introducing  the 
HiPath  QoS  2000  line  of  WAN  traffic-shap¬ 
ing  appliances.  The  products  are  said  to 
be  able  to  prioritize  traffic  into  more  than 
1,000  classifications,  with  support  for  WAN 
speeds  between  fractional  T-l  and  100M 
bit/sec.  These  products  replace  Siemens’ 
HiPath  AP  2500  line  of  QoS  boxes,  which 
supported  traffic  speeds  up  to  384K 
bit/sec. 

According  to  Siemens,  the  box’s  wire- 
speed  packet  inspection  engine  priori¬ 
tizes  out-going  traffic  based  on  TCP/User 
Datagram  Protocol  (UDP)  information  or 
application  type,  such  as  voice,  video  or 
data.  A  management  application  —  the 
HiPath  QoSDirector  —  can  be  used  to 
configure  and  manage  up  to  50  QoS  2000 
boxes  from  a  single  site. 

The  QoS  2000  devices  will  cost  between 
$5,500  and  $25,000,  for  speeds  ranging 
from  512K  to  100M  bit/sec.  All  products 
are  expected  to  be  available  in  the  fourth 
quarter,  except  for  the  512K  bit/sec  box, 
which  is  slated  for  the  first  quarter  of  2003. 

Convergence  apps  on  tap 

In  addition  to  the  IP  PBX  upgrades  and 
new  hardware,  Siemens  this  week  is  an¬ 
nouncing  its  HiPath  Corp- 
orateConnect  and  HiPath 
CommResponse  IP  tele¬ 


phony  middleware  products. 

CommResponse  is  a  Windows  2000  ser¬ 
ver  application  that  can  be  used  to  inte¬ 
grate  interactive  voice  response  (IVR)  and 
text-to-speech  functions  with  back-end 
systems.  CommResponse  can  be  integrat¬ 
ed  with  Microsoft  Outlook,  Siemens’  uni¬ 
fied  messaging  servers  or  a  Lightweight 
Directory  Access  Protocol  server  to 
retrieve  corporate  directory  information 
or  for  transferring  to  other  extensions. 

Once  linked,  employees  could  set  up 
personal  messaging  portals  that  let  callers 
schedule  appointments  in  an  Outlook  cal¬ 
endar  via  touch-tone  or  IVR  commands. 

It  also  would  make  it  possible  to  build 
companywide  voice  portals  that  let 
callers  access  Web-based  data  such  as 
stock  information  or  other  messages.  A 
text-to-speech  engine  is  used  to  convert 
Web  data  into  audio.  Employees  can  post 
custom  messages  or  Web  information  to 
their  personal  CommResponse  portal  via 
Web-based  tools. 

CorporateConnect,  which  also  runs  on 
Win  2000,  can  extend  centralized  PBX  or 
IP  PBX  features  to  mobile  phone  or  voice- 
enabled  PDA  users.  After  logging  into  the 
network  via  a  password, all  features  from  a 
Siemens  PBX  or  IP  PBX  —  such  as  four¬ 
digit  dialing,  transferring,  hold,  conference 
calling  and  messaging  access  —  are 
extended  to  a  user’s  PDA  or  cell  phone. 
User  access  to  the  corporate  network  is 
via  an  encrypted  IP  connection. 

Once  users  are  logged  into  the  IP  net¬ 
work,  they  can  dial  out  over  the  corporate 
network  —  even  overseas  links  —  to 
avoid  cellular  long-distance  or  roaming 
charges. 

Both  applications  are  available  now.  Hi¬ 
Path  CommResponse  costs  $4,100  for  por¬ 
tal  channels  and  the  Corp¬ 
orateConnect  server  costs 
$400  per  user.  ■ 
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IP  Telephony. 
Where  to  start? 

With  Avaya  Enterprise  Class 
IP  Solutions  (EC  LI  PS) 
featuring  MultiVantage ” 
Software,  start  anywhere 
in  your  network. 


S8700  Media  Server 


At  the  core. 

•  Delivers  up  to  99.999% 
reliability 

•  Scalable  from  20  to 
1  million  users 


G700  Media  Gateway 


At  the  edge. 

•  Survivable  remote  location 

•  Standards-based  distributed 
architecture 

•  Cost-effective  option 


From  IP  Phones  to  Pocket  PCs 


With  a  specific  workgroup. 

•  First  to  seamlessly  extend 
applications  to  cellular 

•  Takes  applications  to  remote 
and  mobile  workers  for 
greater  productivity 


To  begin  assessing  your  network,  contact  us  at 
866-GO-AVAYA  Or  learn  more  at  avaya.com/yes 
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Collaboration  collections 


Lotus  and  Microsoft  have  a  number  of  collaboration  products  today  with  features 
that  will  likely  define  the  next-generation  collaborative  components  both  plan  to 
develop  for  their  Web  services  platforms. 


|  Lotus 

Description 

Comment 

Domino 

Core  messaging,  application 
development 

Version  6.0  ships  this  week;  on  track  toward 
componentization. 

Sametime 

Instant  messaging  (presence), 
conferencing 

Version  3.0  ships  this  week;  could  lose  enterprise 
battle  to  IBM’s  Enterprise  Meeting  Server. 

QuickPlace 

Teamware 

Version  3.0  ships  this  week;  moving  toward  tight 
coupling  with  Sametime. 

Discovery 

Server 

Knowledge  management, 
extended  search 

Indexes  documents,  expertise. 

Domino.Doc 

Document  management 

Workflow  for  creating,  managing  documents. 

1  Microsoft 

Description 

Comment 

Exchange 

Core  messaging,  limited 
application  development 

Next  version  "Titanium"  in  2003  adds  wireless 
support,  loses  instant  messaging. 

Exchange 

Conferencing 

Server 

Voice  and  video 

Days  as  a  stand-alone  server  are  numbered. 

SharePoint 
Portal  Server 

Basic  document  management, 
indexing,  search  capabilities 

Needs  enterprise  scalability;  might  absorb 
Microsoft's  Content  Management  Server. 

SharePoint 
Team  Services 

Teamware 

Moving  into  .Net  Server. 

Greenwich 

Server 

Instant  messaging  (presence) 

Will  become  part  of  the  operating  system;  slated 
to  ship  in  2003. 

Battle 
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that  can  be  embedded  in  appli¬ 
cations  built  for  their  respective 
Web  services  infrastructures. 

Those  components  are  de¬ 
signed  to  lead  network  execu¬ 
tives  to  a  world  where  collabora¬ 
tive  services  are  not  separate 
products  but  embedded  in  famil¬ 
iar  application  interfaces,  such 
as  adding  a  group  calendar  into 
a  CRM  application.  The  concept 
has  become  known  as  context¬ 
ual  collaboration. 

“The  seat  war  isn’t  the  focus 
anymore,”  says  David  Ellis,  senior 
technical  analyst  for  Carlson 
Shared  Services,  a  travel,  hospi¬ 
tality  and  marketing  firm  in 
Minneapolis  that  runs  Domino 
and  Exchange.’The  issue  now  is 
that  we  have  this  stuff  in  place 
and  how  do  we  evolve  and  build 
off  of  it.” 

Ellis  says  his  company  first  is 
looking  to  offer  access  to  collab¬ 
oration  systems,  such  as  messag¬ 
ing  and  conferencing,  through  a 
portal  interface  and  then  step  up 
into  the  world  of  collaboration 
components  embedded  in  appli¬ 
cations.  “We’re  just  taking  baby 
steps  now,  ”he  says. 

But  make  no  mistake  about  the 
strategic  importance  of  Domino 
and  Exchange  to  their  owners: 
74  million  users  for  IBM/Lotus 
and  83  million  for  Microsoft, 
according  to  1DC.  Both  vendors 
need  to  move  those  installed 
bases  to  the  next  generation  of 
collaboration  and  Web  services. 

“IBM  cannot  afford  to  lose 
Domino  users  to  Exchange  be¬ 
cause  that  gives  Microsoft  a  pipe¬ 
line  into  the  enterprise  infrastruc¬ 
ture.  And  if  Exchange  loses  seats 
to  Domino  then  they  lose  the 
enterprise’s  interest  in  new  col¬ 
laboration  features  being  added 
to  the  Windows  [operating  sys¬ 
tem],"  says  Harry  Wong,  CEO  of 
Casahl  in  San  Ramon,  Calif.,  that 
makes  data  integration  tools  and 
is  a  Lotus  and  Microsoft  business 
partner. 

Wong  says  the  collaboration 
battle  is  crucial  to  the  level  of 
success  both  sides  will  have  with 
their  Web  services  pitches.“There 
are  multibillions  of  dollars  at 
stake,"  he  says. “It  is  a  most  inter¬ 
esting  battle  to  watch." 

Both  vendors  are  gearing  up  to 
face  the  challenges  and  keep  the 
other  from  stealing  users. 

The  old  game  of  one-upman¬ 
ship  has  been  cast  by  the  way- 
side  for  now;” says  Dana  Gardner, 
an  analyst  with  Aberdeen  Group. 
“The  two  are  now  regrouping  to 


battle  over  Web  services  and  con¬ 
textual  collaboration  that  will  be 
more  framework-oriented  instead 
of  platform-based.” 

That  regrouping  includes  some 
major  tinkering  with  platforms 
and  products  that  might  take 
three  or  four  years  to  blossom, 
according  to  experts. 

IBM  is  at  the  start  of  a  tricky  tran¬ 
sition  from  the  all-in-one  Domino 
Server  back-end  and  develop¬ 
ment  environment  to  Web- 
Sphere/J2EE  and  IBM’s  DB2  data¬ 
base.  Domino  6,  which  includes  a 
free  version  of  WebSphere,  is  the 
first  step  in  that  transition.  And 
while  Versions  3.0  of  Sametime 
(instant  messaging)  and  Quick- 
Place  (teamware)  also  will  be  re¬ 
leased  this  week, sources  say  inte¬ 
gration  with  J2EE  is  weak  and 
won’t  be  strengthened  until  late 
next  year. 

On  the  other  hand,  Microsoft 
needs  to  build  an  integration 
story  around  Exchange  and  myri¬ 
ad  collaboration  components 
such  as  ShareFbint  Fbrtal  Server 
and  Content  Management  Server. 
And  it  must  tie  that  to  the  collab¬ 
oration  features  it  has  shifted  into 
the  operating  system:  ShareFbint 
Team  Services  and  its  forthcom¬ 
ing  real-time  collaboration  tech¬ 
nology  Greenwich  that  will  pro¬ 
vide  instant  messaging  and  even¬ 
tually  engulf  the  Exchange  Con¬ 
ferencing  Server. 


In  addition,  Microsoft  must  pre¬ 
pare  users  for  its  .Net  release  of 
Exchange,  code-named  Kodiak, 
which  will  likely  arrive  in  2005 
and  introduce  a  new  universal 
data  store  based  on  Microsoft’s 
Yukon  technology  that  will  be  a 
foundation  of  .Net. 

Already  the  rhetoric  is  flying. 

“Microsoft  has  separate  product 
groups  that  lack  a  common  strat¬ 
egy  and  [product]  architecture, 
and  they  somehow  have  to  bring 
that  all  together^’  says  Ken  Bis- 
conti,vice  president  of  messaging 
solutions  for  Lotus.  “As  the  world 
moves  toward  contextual  collab¬ 
oration,  users  expect  a  broad 
portfolio  of  integrated  products.” 

“Our  strategy  is  an  upgrade 
path,  and  IBM’s  is  a  rip-and- 
replace,”  says  Jim  Bernardo,  prod¬ 
uct  manager  for  the  .Net  enter¬ 
prise  server  group  at  Microsoft. 
“The  move  from  Domino  means 
a  change  in  the  directory  and  the 
database.  How  do  you  migrate 
Notes  [public-key  infrastructure]? 
And  the  access  control  list  con¬ 
cept  in  Domino  won’t  be  ported 
over  [to  WebSphere].” 

Despite  such  skirmishing,  both 
vendors  are  on  their  way  to 
meeting  user  needs  as  part  of  the 
first  phase  of  the  transition  to 
contextual  collaboration. 

Meta  Group  predicts  that  in  the 
next  three  years  every  global 
2000  organization  will  have 


broadly  deployed  three  collabo¬ 
ration  technologies:  instant  mes¬ 
saging,  Web  conferencing  and 
teamware.  Both  vendors  offer 
those  capabilities  today  but  there 
is  another  aspect  to  the  fight. 

“The  battle  during  and  after 
that  [initial]  evolution  will  be 
over  contextual  collaboration,” 
says  Matt  Cain,  an  analyst  with 
Meta  Group. “The  players  need  to 
get  third-party  vendors,  systems 
integrators  and  corporate  devel¬ 
opers  to  utilize  those  services  by 
embedding  them  in  business 
applications.” 

Cain  says  that  while  both  ven¬ 
dors  offer  APIs  to  features  of 
their  collaboration  services,  the 
ultimate  game  is  to  provide  Web 
services  interfaces  based  on 
Simple  Object  Access  Protocol. 

“IBM  is  much  further  ahead  in 
that  they  have  articulated  the 
vision  and  are  building  prod¬ 
ucts,”  Cain  says.“Microsoft  isn’t  as 
clear  on  its  long-term  road  map 
and  how  instant  messaging,  Web 
conferencing  and  teamware  ser¬ 
vices  come  together.”  ■ 


Lotus  responds 


■  Lotus  answers  Java 
debate  with  free  version 
of  WebSphere  in  Domino  6. 
See  www.nwfusion.com, 
DocFinder:  2448. 
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SIM  attracting  new  players,  rivalries 


■  BY  ELLEN  MESSMER  AND  DENISE  DUBIE 

Network  security  industry  leaders  Check 
Fbint  Software  and  Symantec  this  week 
separately  plan  to  make  announcements 
regarding  security  information  manage¬ 
ment,  a  fledgling  technology  that  until  re¬ 
cently  has  been  available  mainly  from  rela¬ 
tively  unknown  vendors. 

SIM  software  is  used  to  collect  and  make 
sense  of  output  data  from  a  host  of  different 
vendors’  security  products  ranging  from 


Corrections 


■  In  the  story  "From  intrusion  detection 
to  intrusion  prevention"  (Sept.  23,  page 
72),  it  should  have  stated  that  Silent- 
Runner  Inc.  created  the  SilentRunner  tool. 

■  In  the  story  “In  the  spin  cycle"  (Sept. 

;  23,  page  84),  vendors  for  eCDN  products 
should  have  been  listed  as:  Cisco, 
Fantastic,  F5  Networks  and  Volera. 

■  In  the  story  "Marconi  looks  to  the 

I  future"  (Sept.  9,  page  42),  it  should  have 
been  reported  that  the  company  already 
has  sold  its  medical,  commerce  and  data 
systems  divisions.  It  also  has  sold  some 
real  estate  and  its  interest  in  an  Italian 
lottery  company. 


firewalls  to  intrusion-detection  systems 
(IDS).  Companies  can  use  the  information 
to  get  a  big-picture  view  of  their  networks 
security  status  and  with  more  advanced 
SIM  tools,  take  immediate  action  to  address 
potential  or  actual  intrusions. 

Check  Fbint  will  outline  its  Security  Man¬ 
agement  Architecture  (SMART)  road  map, 
part  of  which  involves  the  company  asking 
other  vendors  to  build  into  their  products  a 
set  of  APIs  that  Check  Fbint  can  exploit 
through  a  new  management  console  called 
the  SMAFH'  OPSEC  Manager.  The  console 
will  be  designed  to  collect  information  on 
security  events,  relate  them  to  one  another, 
and  let  administrators  exert  policy  controls 
over  multivendor  equipment,  according  to 
Upesh  Patel,  Check  Fbint’s  OPSEC  manager. 

OPSEC  is  the  company’s  program  for  cer¬ 
tifying  that  300  other  vendors’  products 
work  well  with  Check  Fbint’s  firewall  and 
VPN  offerings.The  question  now  is  whether 
those  and  other  vendors  will  be  willing  to 
work  more  closely  with  Check  Point  as  part 
of  the  company’s  new  SIM  program.  Details 
of  the  program  will  be  shared  at  the  annu¬ 
al  OPSEC  conference  in  San  Mateo,  Calif., 
this  week. The  situation  is  becoming  politi¬ 
cal  as  large  vendors  start  to  go  head  to 
head  in  a  SIM  market  that  up  to  now  has 
been  the  purview  of  smaller  companies 
such  as  netForensics. 

“Customers  are  asking  us  for  a  compre¬ 
hensive  security-management  solution 
[too] ,”  says  Matthew  Ward,  a  product  man¬ 
ager  at  IDS  vendor  Internet  Security 


Systems  (ISS),  which  has  signaled  that  it’s 
not  eager  to  help  Check  Fbint  with  its  SIM 
ambitions. 

Ward  says  ISS  expects  to  have  its  SIM  soft¬ 
ware,  SiteProtector  2.0,  out  by  year-end. 

Other  vendors, such  as  antivirus  software 
maker  Trend  Micro,  are  getting  behind 
Check  Fbint’s  SIM  effort,  while  others,  such 
as  Rainfinityare  on  the  fence. 

“It  takes  time  and  resources  to  undergo 
the  OPSEC  certification  process,”  which  can 
be  intrusive,  says  Paul  LeMahieu,  senior  en¬ 
gineer  and  co-founder  of  Rainfinity  which 
makes  OPSEC-certified  clustering  gear. 

Symantec  to  announce  product 

Symantec  likely  will  run  into  similar  reac¬ 
tions  when  it  announces  its  Security  Man¬ 
agement  System  2.0  this  week  in  New  York. 

The  company  says  it  had  basic  SIM  capa¬ 
bilities  in  its  first  version  of  the  product  but 
has  added  real-time  data  correlation 
through  the  acquisition  earlier  this  year  of 
start-up  Mountain  Wave.  Among  the  dozens 
of  companies  planning  to  be  at  Symantec’s 
side  is  TippingFbint  Technologies,  which 
makes  an  intrusion-prevention  appliance 
called  UnityOne. 

Also  making  a  more  aggressive  run  at  the 
SIM  market  will  be  IBM  Tivoli,  which  is  ex¬ 
pected  to  roll  out  Risk  Manager  4.1  in  mid- 
October. 

Among  other  things,  Tivoli  plans  to 
expand  on  the  50  or  so  security  products 
Risk  Manager  already  supports  to  include 
products  from  vendors  such  as  Enterasys 


Networks,  Sanctum  and  TripWire. 

One  likely  result  of  bigger  and  better- 
heeled  vendors  focusing  on  SIM  is  that  the 
technology  will  reach  its  potential  sooner, 
observers  say 

Gartner  analyst  John  Pescatore  says  most 
SIM  tools  can  do  data  normalization  and 
reduction,  but  are  weaker  when  it  comes  to 
more  advanced  SIM  functions  such  as 
event  correlation  and  device  control. 

“The  products  haven’t  reached  that  level 
of  sophistication  yet,  and  I  don’t  expect  to 
see  it  at  least  until  the  latter  half  of  2003,” 
he  says. 

Matt  Speare,  director  of  IT  risk  manage¬ 
ment  for  Ohio  Savings  Bank  in  Cleveland, 
uses  netForensics  SIM  software  to  help  him 
more  quickly  pinpoint  security  incidents. 
Speare,  now  testing  a  beta  version  of 
netForensics  3.0, sees  that  the  user  interface 
has  improved.  But  he  adds  that  the  kind  of 
controls  he’d  like  to  see  in  the  software  are 
still  probably  years  off. 

“I’d  like  to  see  features  that  could  see  an 
event  occurring  and  modify  the  device  to 
prevent  the  event  from  spreading,” Speare 
says.  That  would  mean  letting  an  auto¬ 
mated  action  take  place  —  something 
many  security  managers  are  still  hesitant 
to  do.  ■ 


■  Early  adopters  of  SIM  products 
share  their  experiences.  PAGE  21. 
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XCache  revs  up  Web  acceleration  appliance 


■  BY  JENNIFER  MEARS 

BELLINGHAM, WASH  —  Internet  acceler¬ 
ation  software  maker  XCache  Technologies 


next  week  plans  to  introduce  its  first  ap¬ 
pliance,  which  the  company  says  will  let 
businesses  speed  up  Web  sites  and  Web- 
enabled  applications  without  altering  code 


or  worrying  about  interoperability 
The  XCompress  1400  is  a  single-purpose 
device  that  compresses  HTTP  content, 
thereby  speeding  throughput  and  reducing 


bandwidth  demands,  the  company  says. 
The  product  is  built  using  the  same  Smart 
Compression  Technology  that  is  available 
in  its  XCompress  software  that  intelligently 
routes  compressed  content  only  to  brows¬ 
ers  that  can  handle  decompression. 

“People  want  to  install  a  product,  and 
then  instantly  the  Web  site  is  faster.  They 
don’t  want  to  do  anything  with  program¬ 
ming,”  says  Wayne  Berry,  CEO  of  XCache. 

The  XCompress  1400  requires  no  HTML 
changes  or  plug-ins  and  could  be  dropped 
into  the  network  infrastructure,  in  front  of  a 
Web  server,  or  in  front  of  a  load  balancer 
supporting  a  server  farm,  for  example. 

Boxing  it  up 

Some  features  of  the  XCompress 
1400,  XCache  Technologies’  first 
acceleration  appliance,  include: 

•  A  single-purpose  box  that  compresses 
outgoing  HTTP  traffic,  including  XML, 
Active  Server  Pages,  Java  Server 
Pages  and  HTML. 

•  1U  (1.75  inches)  high,  rack-mountable, 
with  two  10/100M  bit/sec  network 
interface  cards. 

•  Works  with  all  platforms,  Web  servers 
and  Web-enabled  applications. 

The  XCompress  1400  marks  a  shift  for 
XCache,  which  has  focused  on  software 
products  since  it  was  founded  in  2000.The 
move  follows  a  similar  step  by  competitor 
SpiderSoftware,  which  released  its  first 
appliance,  SpiderBox,  in  May. 

Analysts  say  the  companies  are  smart  to 
expand  their  offerings  with  appliances  be¬ 
cause  users  are  looking  for  easier  ways  to 
handle  Web  acceleration  and  don’t  want  to 
modify  code  or  add  software  to  servers. 

Raymond  Williams,  a  network  developer 
at  real  estate  listing  company  Northwest 
Multiple  Listing  Service  in  Kirkland,  Wash., 
says  he’s  been  running  the  XCompress  soft¬ 
ware  for  Microsoft’s  Internet  Information 
Server  for  about  two  months  and  has  seen 
dramatic  improvements  in  site  perfor¬ 
mance,  and  a  drop  in  bandwidth  de¬ 
mands.  He  says  content  is  downloading  up 
to  70%  faster  with  the  software,  and  he  is 
no  longer  using  all  of  his  seven  T-l  lines. 

But  he  says  he  is  looking  forward  to  in¬ 
stalling  the  XCompress  appliance  because 
he  doesn’t  want  to  have  to  load  software 
on  all  of  his  20  Web  servers.  With  the 
XCompress  1400  he  can  drop  two  devices, 
one  for  failover,  in  front  of  his  servers  and 
be  done  with  it,  he  says. 

“The  reason  we  want  hardware  is  be¬ 
cause  it’s  a  lot  cheaper  and  easier  to  man¬ 
age.  And  we’re  expecting,  quite  frankly,  a 
lot  better  throughput  because  it’s  a  hard¬ 
ware  device  designed  for  this  rather  than 
having  to  put  something  on  top  of  the 
operating  system  and  everything  else  that 
you’re  doing,"  he  says. 

The  XCompress  1400  will  be  available 
next  month.  It  will  cost  less  than  $5,000.  ■ 
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Staying  connected  during  a  disaster 

Ascendent  Telecommunications’  system  allows  communication  between  officials  in  cases  of  emergency. 


■  BY  TONI  KISTNER 

WASHINGTON,  D.C.  —  Worst-case  sce¬ 
nario:  Your  firm  must  evacuate  its  facility, 
perhaps  at  a  moments  notice. 

Traditional  disaster-recovery  systems 
from  IBM  and  Sungard  keep  an  organiza¬ 
tions  data  and  voice  communications  con¬ 
nected,  but  what  about  the  people? 
Scattered  employees  —  corporate  execu¬ 
tives  or  government  officials  —  need  a  way 
to  communicate,  regroup  and  continue  to 
conduct  business  from  anywhere. 

Ascendent  Telecommunications’  new 
Continuity  of  Government  (COG)  system 
fills  this  need.  AscendentCOG  provides  or¬ 
ganizations  seamless  communications  in 
the  event  of  a  telephone  network  outage  or 
evacuation,  the  company  says. 

A  server-based  system,  COG  lets  any  re¬ 
mote  device  (cell,  voice-over-IP  or  home 
office  phone)  perform  like  a  telephone  in 
the  office,  so  single-mailbox,  calling-plan 
and  speed-dial  features  are  retained.  Users 
can  dial  the  same  extensions  to  reach  the 
same  colleagues  they  always  do. 

Ascendent’s  flagship  product  Ascendent- 
MX,  which  the  company  has  offered  since 
1993, integrates  cell  and  remote  telephones 
to  corporate  phone  systems,  letting  any 


■  Radware  has  updated  its  applica¬ 
tion  switch  to  support  environments 
that  have  more  than  one  Internet 


connection,  so-called  multihoming. 

Web  Server  Director  7.30,  re 

leased  last  week,  not  only  balances 
traffic  among  servers,  but  it  also  bal¬ 
ances  traffic  loads  among  ISP  links. 
With  Web  Server  Director's  health¬ 
monitoring  capabilities,  users  can  be 
assured  that  traffic  is  always  direct¬ 
ed  to  the  best  performing  link,  the 
company  says.  Web  Server  Director 
also  ensures  that  applications  make 
the  best  use  of  available  infrastruc¬ 
ture  to  perform  at  the  highest  levels, 
Radware  executives  say.  Web  Server 
Director  7.30  is  available  now,  start¬ 
ing  at  $21,500. 


remote  device  perform  like  a  telephone  in 
the  office.  When  the  user  picks  up  either 
line,  the  other  phone  will  stop  ringing. 
Each  time  the  remote  user  sends  or 
receives  a  call  on  a  remote  device,  the 
device  first  connects  to  the  AscendentMX 
server,  finds  the  user  profile  and  provides 
a  dial  tone  —  a  process  that  takes  only  a 
few  seconds. 

The  new  product,  AscendentCOG  adds 
useful  features  geared  to  helping  key  peo¬ 
ple  in  an  organization,  whether  they  are 
CEOs,  high-ranking  military  officials,  doc¬ 
tors  or  police.  During  an  evacuation,  an 
automated  roll  call  feature  simultaneously 
will  call  everyone  on  the  system  with  in¬ 
structions  on  what  to  do. 

The  network  administrator  can  activate 
the  feature  remotely  and  program  in  mes¬ 
sages  and  response  requests  such  as  “Press 

2  if  you’ve  received  this  message’”  or  “Press 

3  if  you’ve  evacuated  the  building.”  COG 
also  sends  e-mail  and  Short  Message  Ser¬ 
vice  messages. 

“This  is  a  step  ahead,”  says  Elizabeth 
Herrell,  vice  president  of  Giga  Information 
Group.“But  it’s  not  for  everybody.  But  when 
you  need  to  reach  key  individuals,  this  is  a 
good  solution.” 

Events  of  the  past  year  illustrate  just  how 
useful  a  product  such  as  AscendentCOG 
can  be.  When  the  U.S.  Senate’s  Hart  Office 
Building  was  evacuated  in  January  be¬ 
cause  of  the  anthrax  scare,  senators  were 
each  handed  a  cell  phone  on  the  way  out 
the  door.  “But  nobody  knew  how  to  call 
each  other,  how  to  receive  calls  and  they 
were  still  somewhat  dysfunctional,”  says 
Stephen  Forte,  Ascendent’s  co-founder 
and  CEO. 

Moreover,  in  case  of  emergency,  most  or¬ 
ganizations  rely  on  a  “calling  tree”system  to 
disseminate  information,  in  which  the  top 
people  call  all  those  one  layer  below  and 
so  on. “The  problem  with  this  method  was 
illustrated  during  the  9/1 1  attack  on  the 
Pentagon  building,  during  which  an  entire 
layer  of  the  calling  tree  was  disabled,”  Forte 
says. “People  on  the  lower  end  didn’t  find 
out  the  nature  of  the  crisis  for  some  time. 
But  with  COG,  a  senator  sitting  on  a  tractor 
out  in  the  middle  of  Iowa  can  still  send  and 
receive  calls,  without  changing  his  behav¬ 
ior  whatsoever’’ 

Ascendent  offers  the  military  an  addi¬ 
tional  feature  called  MLPPwhich  lets  high- 
ranking  officials  barge  in  on  calls  of  subor¬ 
dinates,  disconnect  the  call  and  take  con¬ 


trol  of  the  circuit. 

The  company  can  host  the  system  at  its 
Irvine,  Calif.,  facility  with  SBC  Communi¬ 
cations,  or  it  can  be  run  on  a  private  net- 


■  BY  PHIL  HOCHMUTH 

BRAMPTON, ONT. —  Nortel  this  week  will 
unveil  an  appliance  it  says  can  help  com¬ 
panies  process  secure  Web  transactions 
more  than  three  times  as  fast  than  they 
could  with  the  previous  version. 

The  Alteon  SSL  410  is  designed  to  let 
companies  complete  2,000  Secure  Sockets 
Layer  (SSL)  transactions  per  second,  which 
could  include  secure  credit  card  purchas¬ 
es  over  the  Internet  or  file  transfers  over  pri¬ 
vate  extranets.  The  box  also  can  maintain 
16,000  SSL  sessions,  or  users  connected  to 
a  Web  site  with  SSL  encryption,  per  second. 
Comparatively,  the  Alteon  SSL  310  could 
handle  600  encrypted  transactions  per  sec¬ 
ond  and  8,000  concurrent  SSL  sessions. 

One  other  difference  between  the  new 
and  old  box:  Unlike  the  old  one,  the  410  is 
not  compliant  with  the  Federal  Informa¬ 
tion  Processing  Standards  (FIPS),  which 
many  government  organizations  require. 

The  310  could  be  made  compliant  by 
adding  a  FIPS  daughtercard  to  the  box 
—  which  performs  the  FIPS-based  secu¬ 
rity  encoding.  That  card  does  not  work 


work  with  the  back-up  system  residing  in 
Irvine. 

Ascendent  is  targeting  federal  agencies, 

See  Ascendent,  page  18 


with  the  410. 

The  410  competes  with  products  such  as 
Cisco’s  CSS  1 1500,  which  can  sustain  about 
1 ,000  SSL  sessions  per  second. 

The  410  costs  $25,000. 

Nortel  also  released  Version  4.7  of  the 
software  for  its  Contivity  branch  office 
routers.  The  software  can  give  corporate 
WAN  managers  the  ability  to  add  more 


Nortel’s  Alteon  SSL  410  can  handle  twice  as 
many  secure  sessions  as  its  predecessor. 


security  and  traffic  management  services 
to  their  Contivity  boxes  such  as  stateful  fire¬ 
wall  packet  inspection,  quality  of  service 
based  on  Layer  3  Differentiated  Services 
traffic  prioritization,  and  VPN  tunneling 
This  can  eliminate  the  need  to  replace  or 
add  more  equipment  to  secure  WAN  con¬ 
nections,  the  company  says. 

Contivity  boxes  start  at  $  1 ,000  when  con¬ 
figured  with  up  to  50  VPN  tunnels  and  10M 
to  15M  bit/sec  of  Triple-DES  throughput.® 


Nortel  looks  to  lock  down  Web 
servers  and  remote  offices 
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‘Always  on'  programs  pose  an  ‘always  on'  threat 


Try  as  they  might  to  secure  the  enter¬ 
prise —  using  firewalls, VPNs,  intrusion 
detection  and  content  filters  —  net¬ 
work  managers  are  being  defeated  in 
droves  ...  by  their  co-workers. 

The  dramatic  surge  in  “always  on”  third- 
party  programs  running  on  corporate  desk¬ 
tops  has  set  the  stage  for  unknown  havoc. 
The  programs  range  from  distinctly  non¬ 
business  peer-to-peer  programs  such  as 
KaZaA  —  a  Napster  follow-on  —  to  corpo¬ 
rate  remote  access  services  such  as  Expert- 
City’s  GoToMyPC. 

These  are  not  Trojan  horses;  they  are  legit¬ 
imate  services.  Users  download  and  install 
the  client  because  they  want  the  service. 
For  network  managers,  though,  such  pro¬ 
grams  can  create  network  performance 


headaches  and  set  the  stage  for  serious 
security  breaches. 

The  KaZaA  Media  Desktop  transforms  a 
corporate  desktop  into  a  file  server  acces¬ 
sible  worldwide.  The  default  installation 
sets  you  up  with  a  shared  folder  for  the 
world  to  see. 

While  the  primary  content  is  MP3  audio, 
files  are  files. Should  corporate  files  get  into 
that  folder,  they  are  now  available  to  the 
world.  Users  can  assign  any  folder  to  which 
they  have  access  to  be  indexed  into  the 
KaZaA  system  and  thus  free  to  the  world. 
Imagine  what  a  disgruntled  employee 
could  do  “by  mistake.” 

Even  if  the  data  is  harmless,  your  corpo¬ 
rate  Internet  link  will  get  chewed  up  as 
users  around  the  world  grab  files  from 
that  desktop.  KaZaA  is  built  to  seek  out 
the  fastest  machines  and  highest-speed 
connections  as  the  preferred  sources  for 
downloads. 

And  what  about  the  files  your  users  bring 
in  via  KaZaA?  So  prevalent,  apparently  are 
Trojans,  viruses  and  SpyWare  that  the 
KaZaA  home  page  advertises  a  recom¬ 


mended  third-party  utility,  BullGuard,  to 
defend  your  desktop.  Scary 

KaZaA  says  its  desktop  software  has  been 
downloaded  more  than  119  million  times. 
Chances  are,  it  is  already  in  your  network. 
Time  to  start  looking  for  it. 

GoToMyPC,  on  the  other  hand,  serves  a 
legitimate  corporate  need  —  remote  desk¬ 
top  access.  It  is  built  around  a  service 
provider  model.  And  its  architecture  lets 
users  bypass  corporate  firewalls. 

Typically  firewalls  are  configured  to  look 
outside  for  trouble  and  assume  that  any¬ 
thing  initiated  from  the  inside  is  fine. 

With  GoToMyPC,  an  always-on  client  pro¬ 
gram  residing  on  the  desktop  stays  in  con¬ 
stant  contact  with  a  GoToMyPC  server. 
While  the  traffic  load  is  not  significant, 
there  is  a  constant  “heartbeat”  between 
each  client  and  the  server.  My  network  ana¬ 
lyzer  tells  me  so. 

When  the  remote  user  wishes  to  access 
his  desktop,  he  contacts  the  GoToMyPC  ser¬ 
vice.  After  clearing  two  levels  of  password 
authentication,  the  target  desktop  appears. 

From  a  system  perspective,  the  session 


appears  to  be  initiated  from  the  un¬ 
attended  target  PC  so  firewall  authentica¬ 
tion  is  not  an  issue. 

The  software  works,  I  tried  it.  Because  of 
the  three-way  nature  of  the  architecture, 
benchmarking  the  speed  was  not  possible. 

While  there  is  clearly  no  evil  intention  on 
the  part  of  ExpertCity,  I  find  it  unsettling  to 
have  scads  of  corporate  desktops  in  con¬ 
stant  communication  with  a  third-party  ser¬ 
vice  that,  through  its  “mole,”  can  determine 
how  often  your  PC  is  busy,  when  you’re  in 
the  office  and  so  forth. 

While  the  company  offers  packaged  en¬ 
terprise  services,  they  don’t  offer  an  “opt 
out”  for  companies  that  don’t  want  to  let 
desktops  in  their  domain  use  the  service. 

Network  managers  have  to  look  within 
and  start  understanding  the  security  and 
the  performance  implications  of  always-on 
code  running  on  their  desktops. 

Tolly  is  president  of  The  Tolly  Group,  a 
strategic  consulting  and  independent  test¬ 
ing  company  in  Manasquan,  NJ.  He  can  be 
reached  at  ktolly@tolly.com. 


Web  Office  rolls  out  all-in-one  small  office  box 

Appliances  combine  VPN,  storage  and  file  serving  functions. 


■  BY  DENI  CONNOR 

AUSTIN, TEXAS  —  Start-up  Web  Office  last 
week  made  its  debut  with  network  appli¬ 
ances  designed  to  make  it  easier  for  small 
and  remote  offices  to  establish  secure  WAN 
connectivity. 

The  company’s  Virtual  Private  Storage 
Network  (VPSN)  ILANd  boxes  each  com¬ 
bine  the  functions  of  a  VPN  router,  Web 
server,  network-attached  storage  (NAS)  sys¬ 
tem  and  file  server,  and  can  share  files  in  a 


peer-to-peer  fashion.  Web  Office  says  the 
devices  can  be  set  up  for  inclusion  in  a 
VPN  group  in  less  than  10  minutes  by  even 
non-IT  staff. 

Web  Office  also  offers  an  appliance 
dubbed  ISERVer  that  can  reside  at  a  central 
site  and  be  used  to  monitor  the  status  of 
ILANds  deployed  in  remote  offices. 

“The  problem  we  saw  was  when  we  had 
colleagues  in  law  firms  and  doctor’s  offices 
say  it  was  too  complicated  for  them  to  set 
up  a  networked  infrastructure  to  run  their 


businesses,”  says  Luan  Nguyen,  a  former 
IBM  executive  who  is  president  and  CTO  of 
Web  Office.  “For  the  end  user  in  a  branch 
office,  normally  they  would  have  to  buy  all 
these  products,  have  very  qualified  IT  staff 
install  and  configure  them,  and  pay  a  lot  of 
money  for  them.” 

Web  Office  will  compete  against  tradi¬ 
tional  VPN  product  vendors  such  as  Check 
Point  Software  and  Cisco,  and  with  distrib¬ 
uted  NAS  companies  such  as  Overx.com 
and  Disksites.  But  observers  say  Web 
Office’s  combination  of  functions  could  set 
the  company  apart. 

The  1U  (1.75-inch  high)  ISERVers  or 
ILANd  appliances,  which  are  powered  by 
Intel  Celeron  processors,  connect  to  work¬ 
stations  via  10/100M  bit/sec  Ethernet  and 
to  the  Internet  via T-l, cable  modem  or  DSL 
connections.  PCs  linked  to  Web  Office 
boxes  can  operate  in  a  client/server  fash¬ 
ion  or,  taking  advantage  of  native  Windows 
technology,  work  in  a  peer-to-peer  setup. 

Each  appliance  contains  a  Dynamic  Host 
Configuration  Protocol  server  and  network- 
attached  Integrated  Drive  Electronics  (IDE) 
drives  with  capacities  of  up  to  318G  bytes. 
The  appliances  run  an  open  source  version 
of  the  Secure  Shell  for  security  purposes, 
although  an  IP  Security-enabled  appliance 
is  also  available.  Multiple  appliances  can 
be  daisy-chained  to  increase  capacity 

Web  Office’s  products  appealed  to  Vijay 
Sankaran,vice  president  of  engineering  for 
change  management  company  Inventes, 
who  put  two  ILANds  in  India  and  an 
ISERVer  in  Austin  to  handle  the  exchange 
of  software  code  between  overseas  soft¬ 
ware  developers  and  employees  at  the  cor¬ 
porate  office  in  the  U.S. 


“We  wanted  to  rely  on  the  local  DSL  in  In¬ 
dia,  but  did  worry  about  the  security  of  the 
information  traveling  between  India  and 
the  United  States.  That  [concern  is  taken 
care  of]  by  the  VPSN  network,”  he  says. 

ISERVers  start  at  $2,700  and  ILANds  at 
$1,800.  Future  releases  will  support  Gigabit 
Ethernet,  iSCSI  and  user  management  from 
within  Windows  Active  Directory  and 
domains.  ■ 
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Ascendent 

continued  from  page  17 

the  military  and  corporations.  It  recently  in¬ 
stalled  a  system  for  the  U.S.  Marines,  and  is 
working  on  locations  for  the  Army.The  firm 
also  is  setting  up  systems  for  the  head¬ 
quarters  of  customers  Toshiba,  Nextel, 
Disney,  FedEx  and  Steelcase. 

The  component-based  offering  in¬ 
cludes  the  Ascendent  COG  server  and 
the  Ascendent  RS  recovery  server.  It  is 
designed  for  an  organization  that  wishes 
to  manage  the  entire  system  internally.  An 
organization  can  also  elect  to  purchase 
the  Ascendent  COG  server  and  use  Ascen¬ 
dent’s  hosted  subscription  service  in 
place  of  a  dedicated  in-house  recovery 
server.  Pricing  for  this  service  ranges 
upward  from  $30,000  based  on  the  num¬ 
ber  of  ports  and  users  supported.  ■ 


Swiss  army  knife  approach 


Web  Office  says  its  ILANd  and  ISERVer  appliances  can  eliminate  the  need 
for  multiple  network  devices  at  remote  sites  and  simplify  management. 
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Remote  office 

■  Embedded  VPN  technology. 

•  File  server. 

•  Up  to  31 8G  bytes  of  storage  capacity. 

•  Network  address  translation  firewall. 
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Corporate  office 

*  Monitors  status  and  capacity 
of  ILANd  devices. 

*  Helps  ILANds  find  each  other. 
■  Can  be  used  to  store  data 

and  serve  files. 

*  Requires  a  static  IP  address. 
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Switch  to  HP  Procurve  and  build  it  to  last. 

The  new  HP  Procurve  Switch  5300x1  series  delivers  the  fastest  layer  3/4 
features  for  the  price  of  the  competition's  layer  2  modular  switches.  And  HP 
Procurve  switches  are  fully  interoperable  and  scalable,  making  it  easier  than 
ever  to  add  the  switching  capacity  you  need  for  current  and  future  growth. 
These  convergence-ready  switches  provide  flexibility,  high  port  density, 
free  software  upgrades  and  a  lifetime  warranty. 

Now  HP  Procurve  Networking  gives  you  3  unbeatable  offers: 

•  Trade  in  any  Cisco  2924,  2948,  3548,  4006  or  6500  switches  with  no 
trade-in  limits  when  they  are  traded  for  HP  Procurve  5300  series  switches 

•  Get  a  $400  cash  rebate  on  the  HP  Procurve  4148gl  and  up  to  $500 
off  mini-GBIC  modules  or  transceivers 

•  Buy  an  HP  Procurve  5300x1  switch  and  get  a  free  mini-GBIC  module  worth  $  1 ,299 

Find  out  more  at  www.hpprocurve.com/lifetime  or  call  us  now 
to  talk  to  an  HP  Procurve  professional  at  1-800-477-6111 
extension  41682. 


invent 
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Sybase  knows  a  few  things 
about  the  financial  services 
industry.  After  all,  our  database 
technology  powers  more  than 
half  the  trades  on  Wall  Street. 
And  our  subsidiary,  iAnywhere 
Solutions,  is  the  mobile  database 
leader  and  the  fastest  growing 
vendor  in  the  embedded 
database  market. 


But  we're  not  just  big  on 
database  market  share.  We're 
big  on  databases.  How  big? 

Our  robust  relational  database 
management  systems  are 
capable  of  powering  the  world’s 
largest  data  warehouses.  And 
nearly  half  the  phone  calls  in 
the  People's  Republic  of  China 
depend  on  Sybase  technologies. 


So  it's  safe  to  say  the  database 
wars  are  far  from  over.  In  fact, 
they've  only  just  begun.  Visit 
sybase.com/integrationsolutions 
for  more  information  on  Sybase’s 
wide  range  of  database  and 
integration  products. 


EVERYTH  I NG  WO 


WHEN  EVERYTHING  WORKS  TOGETHER- 


°2002  Sybase.  Inc.  and  Financial  Fusion.  Inc.  All  rights  reserved.  All  trademarks  are  the  property  of  their  respective  owners. 


Users  shoring  up  net  security  with  SIM 


■  BY  DENISE  DUBIE 

Matt  Speare  estimates  that  it  would  re¬ 
quire  a  staff  of  nine  to  monitor  just  one 
security  event  console  consolidating  logs 
from  30  devices  24-7  on  his  network  at 
Ohio  Savings  Bank  in  Cleveland. 

“And  that’s  including  weekend  coverage, 
with  no  breaks,  no  lunch  and  no  sick 
days,”  he  says.  Speare,  director  of  IT  risk 
management  at  Ohio  Savings,  quickly 
does  the  math  again  and  concludes, “Ob- 


■  XML  database  vendor  Excelon  has 
unveiled  Version  3.1.2  of  its  Exten¬ 
sible  Information  Server  data¬ 
base  and  Version  4.5  of  its  Stylus 
Studio  development  tools.  Ex 
celon  is  positioning  its  database  as  a 
gateway  for  handling  and  storing  XML 
data  during  a  live  transaction  before 
handing  it  off  to  a  traditional  relational 
database  with  XML  support  for  per¬ 
manent  storage.  With  XIS  3.1.2,  Ex¬ 
celon  is  adding  support  for  the 
XQuery  standard,  full-text  search 
powered  by  Verity  software,  Microsoft 
.Net  support  and  an  entry-level  config¬ 
uration  for  pilot  projects.  Stylus  Stu¬ 
dio  4.5  works  with  extensible  style- 
sheet  language  transformation  pro¬ 
cessors  from  Saxon  and  .Net.,  an 
XML-to-HTML  WYSIWYG  editor,  an 
XQuery  editor/debugger  and  an  auto¬ 
matic  schema  documentation  editor. 
XIS  costs  $45,000  per  CPU,  $15,000 
for  the  entry-level  version.  Stylus 
Studio  is  $400  per  seat,  www.exln.com 

■  ServGate  Technologies  next 
month  will  ship  a  gateway  appliance 
that  combines  the  functions  of  fire¬ 
wall,  antivirus  and  VPN  products.  The 
basic  ServGate  EdgeForce  unit 
supports  75M  bit/sec  speed  at  the 
firewall  with  16,000  simultaneous 
users.  Performance  module  upgrades 
ratchet  up  the  speed  supported  to 
150M  bit/sec.  ServGate  has  licensed 
the  antivirus  component  from  Net¬ 
work  Associates.  The  product  starts 
at  $800.  www.servgate.com 


viously,  that  type  of  round-the-clock  man¬ 
agement  with  staff  is  cost-prohibitive.” 

To  address  the  problem,  Speare  turned  to 
security  information 
management  (SIM) 
software,  an  increas¬ 
ingly  popular  type  of 
product  designed  for 
automating  the  col¬ 
lection  of  event  log 
data  from  security 
devices  and  helping 
users  make  sense  of  it 
through  a  common  management  console. 

Ohio  Savings  uses  netForensics’  Security 
Information  Platform,  which  cost  it  about 
$55,000  in  hardware  and  software  to 
install  —  half  of  what  Speare  estimates  it 
would  have  cost  the  bank  to  outsource  its 
security  management. 

“There’s  a  huge  return  on  investment  for 
us,”  he  says. 

Spelling  out  SIM 

SIM  products  use  data  aggregation  and 
event  correlation  features  similar  to 
those  of  network-management  software 
and  applies  them  to  event  logs  generat¬ 
ed  from  security  devices  such  as  fire¬ 
walls,  proxy  servers,  intrusion-detection 
systems  and  antivirus  software.  What’s 


more, SIM  products  can  normalize  data  — 
that  is,  they  can  translate  Cisco  and  Check 
Point  Software  alerts,  for  example,  into  a 
common  format  so  the 
data  can  be  correlated. 

Like  network-manage¬ 
ment  software,  SIM  tools 
generally  consist  of  ser¬ 
ver  software,  agents  in¬ 
stalled  either  on  servers 
or  security  devices,  and 
a  central  management 
console. 

SIM  providers  range  from  smaller  com¬ 
panies  such  as  netForensics,  Network  In¬ 
telligence,  GuardedNet,  Intellitactics  and 
OpenService  to  more  established  players 
such  as  Computer  Associates,  IBM  Tivoli, 
Micromuse  and  NetlQ  (see  related  story, 
below). 

Charles  Kolodgy,  Internet  security  re¬ 
search  manager  at  1DC,  says  companies 
have  lots  of  choice  when  it  comes  to  SIM: 
Vendors  find  the  market  attractive  in  that 
IDC  estimates  it  is  worth  $15  million  today 
and  is  set  to  quadruple  to  $61.3  million 
by  2005. 

But  he  warns  that  many  products  are 
immature. 

“These  tools  are  great  to  collect  and  cor¬ 
relate  events,  but  they  offer  little  control 
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Keeping  it  SIMple 

Early  adopters  of  security  in¬ 
formation  management  (SIM) 

products  say  such  offerings  must: 

•  Correlate  security  events  in  real  time. 

•  Collect  and  filter  alarms  from  a 
large  variety  of  firewall,  intrusion- 
detection  and  other  security 
systems. 

•  Include  an  easily  scripted  agent  to 
add  support  for  other  security 
systems. 

•  Require  little  configuration  to  start 
collecting  events. 

•  Boast  strong  reporting  features. 

•  Perform  their  own  security 
functions,  such  as  pinpointing 
network  vulnerabilities. 

v. _ 

over  the  security  infrastructure,”  he  says. 

While  vendors  have  adopted  the  SIM 
moniker,  industry  analysts  prefer  to  call 
most  of  the  products  security  event  man¬ 
agers.  Pete  Lindstrom,  a  research  director 
with  Hurwitz  Group,  says  the  latter  better 
describes  what  the  current  software  offer¬ 
ings  actually  do,  while  SIM  refers  to  a 
broader  set  of  tasks  the  tools  eventually 
should  evolve  to  perform. 

Real-world  experiences 

Charles  Watson,  data  network  specialist 
for  Cellular  South  in  Jackson,  Miss.,  says 
his  netForensics  software  actually  pin¬ 
pointed  vulnerabilities  in  his  network 
upon  installation.  Apparently,  some  end 
users  unwittingly  had  tapped  into  open 
ports  unbeknownst  to  the  security  staff. 

“We  had  no  idea  those  ports  were  open 
until  the  software  pointed  it  out,”  Watson 
says.  Because  netForensics  “logs  every¬ 
thing,"  Cellular  South  could  plug  those 
holes  and  prevent  a  possible  security 
breach  — “and  without  running  around  to 
each  served  he  adds. 

While  Speare  and  Watson  reported  rela¬ 
tively  easy  SIM  implementations,  Jeffrey 
Hormann  says  the  software  requires  a  fair 
amount  of  upfront  work. 

Hormann,  director  of  technology  opera¬ 
tions  at  Metromedia  Fiber  Network  in 
White  Plains,  N.Y., says  it  took  him  about  a 
month  to  get  e-Security’s  e-Sentinel  soft¬ 
ware  product  operational  on  his  network. 

See  SIM,  page  22 


NetlQ  upgrades  security  mgml  tools 

NetlQ  next  month  will  boost  its  security  information  management  offering  by 
enabling  it  to  collect  data  from  a  wider  selection  of  vendors'  security  prod¬ 
ucts  and  by  improving  its  reporting  capabilities. 

NetlQ  is  extending  its  Security  Manager  to  oversee  Check  Point  Software  firewalls, 
TrendMicro  antivirus  systems  and  Internet  Security  Systems'  RealSecure  intrusion- 
detection  systems  (IDS).  Earlier  versions  added  support  for  Cisco  Secure  Pix 
Firewalls  and  Symantec  and  Network  Associates/McAfee  antivirus  products. 

NetlQ,  which  has  specialized  in  managing  Microsoft  networks,  also  has  a  Unix 
agent  for  Security  Manager  in  the  works. 

“Being  vendor-agnostic  would  be  the  ultimate  goal  for  any  security  event  manage¬ 
ment  product,”  says  Charles  Kolodgy,  Internet  security  research  manager  at  IDC. 

Kolodgy  says  that  while  SIM  products  from  companies  such  as  e-Security  and 
netForensics  might  offer  more  vendor  support  out  of  the  box,  products  from  com¬ 
panies  such  as  NetlQ  and  IBM  Tivoli  help  users  go  beyond  collecting  data  to  gain¬ 
ing  real  control  of  their  networks. 

"NetlQ  can  offer  some  lockdown  features  and  do  a  bit  more  analysis"  than  some 
security-centric  tools,  he  says. 

Security  Manager  4.0  costs  $35  per  workstation,  $900  per  server  for  the  Basic  Win¬ 
dows  Agent  and  $1,500  per  server  for  the  Advanced  Windows  Agent.  Add-on  modules 
to  manage  firewalls,  IDS  and  antivirus  systems  range  widely  in  price  — from  $150  to 
$1,500,  depending  on  the  need  to  deploy  sensors  near  devices  to  be  monitored. 

—  Denise  Dubie 
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Gartner:  Negotiate  CRM  licensing  terms  carefully 


■  BY  ANN  BEDNARZ 

Companies  have  to  live  with  the  terms 
and  conditions  struck  in  a  CRM  license 


agreement  for  many  years,  so  due  dili¬ 
gence  is  key 

That’s  the  point  analyst  Jane  Disbrow 
makes  in  a  Gartner  research  report  pub¬ 


lished  last  week,  “Ten  CRM  License 
Agreement  Issues  Worth  Negotiating.” 

Disbrow,  a  research  director  at  Gartner, 
details  10  issues  that  companies  should 
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address  before  sealing  any  CRM  software 
deal.’Remember  that  a  software  vendor’s 
contracts  protect  the  vendor,  not  you,” 
she  warns. 

Broad  usage  rights  are  critical.  Make  sure 
they  include  a  parent  organization  and 
subsidiaries  or  affiliates,  Disbrow  wrote. 
Include  the  right  to  transfer  licenses  in 
case  of  a  merger, acquisition  or  divestiture, 
she  says. 

When  establishing  pricing  metrics  such 
as  “concurrent  user”  and  “named  user,”  be 
specific.  Prices  based  on  financial  met¬ 
rics  such  as  revenue  or  budget  are  espe¬ 
cially  risky,  Disbrow  says.  If  they  can't  be 
avoided,  clearly  define  what  will  be 
included  and  excluded.  For  example, 
Disbrow  says,  what  happens  if  a  one-time 
event  spikes  a  company’s  revenue  higher, 
but  for  only  one  year? 

Certain  customer  changes  should  be 
covered  without  fees.  Companies  should 
be  able  to  change  the  location  of  the 
software  or  transfer  it  to  another  vendor- 
supported  hardware  platform,  operating 
system  or  database,  without  penalty, 
Disbrow  says. 

Additional  issues  that  Disbrow  tackles 
include  setting  terms  for  replacing  func¬ 
tionality;  defining  a  vendor’s  conformance 
with  documentation;  establishing  vendor 
audit  rights;  incorporating  sales  docu¬ 
ments  into  the  final  agreement;  and  nego¬ 
tiating  a  long-term  cap  on  maintenance 
increases. 

To  see  the  full  report,  go  to  Gartner’s  Web 
site  at  www.gartner.com.  Disbrow’s  licens¬ 
ing  report  cna  be  found  among  the  firm’s 
CRM  focus  area  research.  For  non-Gartner 
clients,  the  report  costs  $95.  ■ 
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continued  from  page  21 


“It’s  not  out-of-the-box  ready  to  go,”  he 
says. “It  took  a  bit  of  effort  to  get  it  rolled 
out  [and  customized].” 

Yet  Hormann  says  e-Sentinel  has  saved 
him  from  hiring  a  dozen  security  special¬ 
ists  and  lets  him  offer  more  services  with 
a  downsized  staff. 

SIM  users  and  industry  watchers  agree 
that  while  the  software  can  serve  as  an 
extra  set  of  eyes  across  security  devices, 
the  tools  need  to  evolve  to  take  corrective 
actions. 

“Security  event  managers  want  to  be 
smart  and  to  ultimately  move  toward 
being  able  to  prioritize  assets  and  appli¬ 
cations  without  much  configuration  from 
users,”  Hurwitz’s  Lindstrom  says.  “We’re 
probably  one  or  two  generations  of  soft¬ 
ware  away  from  policy-  and  configura¬ 
tion-based  security  information  manage¬ 
ment  software.”  ■ 
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“ Shoreline  reduced  our  system  acquisition  and 
installation  costs  by  more  than  $500K,  and 
helped  us  reduce  our  ongoing  voice  network 
expenses  by  more  than  $200K  per  year.” 

Michael  Shisko,  IT  Director,  Experio  Solutions 
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Radware:  Intelligent  Application  Switching,  Certainty  Across  your  Network 
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they  couldn't  tell  if  a  particular  laptop 
might  have  an  ultrawideband  card  in  it. 

The  doom  stories  are  well  developed: 
planes  falling  from  the  sky,  cars  running 
into  each  other,  cell  phone  service  devas¬ 
tated  and  more.  One  would  think  that  the 
UWB  proponents  were  building  tools  for 
terrorists.  Just  why  is  a  chirping  radio  such 
a  threat,  and  to  what? 

UWB  is  hardly  a  new  thing.  It  was  devel¬ 
oped  more  than  30  years  ago,  but  has  quite 
suddenly  become  all  the  rage  well  beyond 
the  military  research  labs  where  it  has  qui¬ 
etly  been  worked  on. 

A  Google  search  on  UWB  generated 
5,270  hits,  including  one  for  quite  a  good 
story  in  the  September  issue  of  Technology 
Review  magazine. 

UWB  works  by  sending  out  extremely 
short,  broad  spectrum  chirps  of  radio 
waves.  Originally  designed  to  penetrate 
physical  objects  such  as  trees,  the  con¬ 
cept  turns  out  to  be  quite  flexible  and 
can  be  used  for  a  range  of  applications, 
from  radars  that  can  “see”  through  build¬ 
ings  to  short-range,  high-speed  data  net¬ 
work  connections. 

According  to  its  critics,  the  very  prob¬ 
lem  with  UWB  is  that  it  uses  broad  spec¬ 
trum  chirps.  The  frequencies  in  these 
pulses  overlap  the  frequencies  used  for 
other  applications  such  as  the  global 
positioning  satellite  system  that  supplies 
input  data  to  weather  prediction  systems 
and  some  cell  phone  systems.  Because 
UWB  uses  overlapping  frequencies,  there 
will  be  some  interference  with  existing 
systems,  but  there  is  disagreement  over 
how  significant  that  will  be. 

UWB  proponents  say  that  the  interfer¬ 
ence  will  be  minimal  at  worst,  while 
opponents  say  it  will  be  significant  at  best. 
The  FCC  has  decided  to  try  things  out, 
much  to  the  annoyance  of  opponents 
who  have  even  managed  to  get  the  scien¬ 
tific  geniuses  in  Congress  to  hold  a  hear¬ 
ing  on  the  topic.  (In  case  it’s  not  clear,  the 
above  is  sarcasm.) 

1  have  two  problems  with  the  arguments 
of  UWB  opponents:  First,  they  are  far  too 
strident;  it  has  been  my  observation  that 
whenever  there  is  a  scientific  disagree¬ 
ment,  the  side  that  brings  out  the  scariest 
scenarios  is  the  side  with  the  fewest  facts 
on  its  side;  and  second,  far  too  many  of 
them  have  an  economic  reason  to  thwart 
the  development  of  UWB. 

By  definition,  UWB  will  cause  some 
level  of  interference.  But  if  the  interfer¬ 
ence  from  the  very  low  power  transmit¬ 
ters  that  use  UWB  technology  will  signifi¬ 
cantly  disrupt  major  infrastructure  sys¬ 
tems  then  we  have  a  far  more  significant 
issue  with  the  fragility  of  these  systems  to 
deliberate  attack. 

Disclaimer:  One  of  Harvard's  jobs  is  to 
develop  graduates  that  will  produce  some 
level  of  interference  with  the  status  quo,  but 
1  know  of  no  university  policy  on  UWB. 

Bradner  is  a  consultant  with  Howard 
University’s  University  Information  Systems. 
He  can  be  reached  at  sob@sobco.com. 
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What  are  they  so  worried  about? 


Earlier  this  year  the  Federal  Commun¬ 
ications  Commission  gave  very  limit¬ 
ed  approval  to  the  initial  commer¬ 
cial  development  of  ultrawideband  wire¬ 
less  technology.  This  was  over  vehement 
objections  on  a  number  of  fronts. 


The  objections  have  not  gone  away 
either.  Just  a  few  weeks  ago  a  scare  story 
popped  up  in  the  news  from  England 
where,  the  claim  was,  authorities  were 
thinking  of  banning  all  laptop  computers 
from  airplane  carry-on  luggage  because 
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Sawis  finds  a  niche  in  down  market 

IP  VPN  offering  proves  popular  with  clients  seeking  back-up  network  connections. 


HOur  whole  product  set  is  geared 
towards  being  a  manged  infrastructure 
provider  for  IP-based  applications.  9  9 


Rob  McCormick 

CEO,  Sawis  Communications 


■  BY  MICHAEL  MARTIN 

HERNDON,  VA.  —  A  number  of  capital- 
starved  telecom  outfits  —  from  the  very 
small  to  the  very  large  —  have  gone  bust 
during  the  past  several  months. 

During  that  same  period,  a  small,  relative¬ 
ly  unknown  network  services  company 
called  Sawis  Communications  has  man¬ 
aged  to  raise  more  than  $200  million  in  pri¬ 
vate  backing,  despite  taking  what  has 
become  almost  an  industry-standard  beat¬ 
ing  on  Wall  Street.Sawis, which  has  been  in 
business  since  1996  and  is  nearing  prof¬ 
itability  with  $250  million  in  annual  rev¬ 
enue,  follows  a  simple  recipe,  says  CEO 
Rob  McCormick:  The  company  leases  in¬ 
stead  of  building  its  infrastructure,  which 
means  it  actually  benefits  from  the  glut  of 
bandwidth  in  the  market. 

Sawis  also  concentrates  its  efforts  on  sell- 


Takes 

■  Application  service  provider  Corio 
has  completed  its  purchase  of  fellow 
ASP  Qwest  Cyber  Solutions, 

bringing  on  some  50  new  customers. 
Corio  announced  the  deal  in  August 
saying  it  would  buy  the  ASP  assets 
from  Qwest,  which  earlier  this  year 
integrated  the  formerly  independent 
QCS  into  its  Web  hosting  business. 
With  the  deal,  existing  QCS  cus¬ 
tomers  will  continue  to  be  physically 
located  in  Qwest  data  centers,  but 
will  be  serviced  by  Corio.  Corio  now 
has  access  to  the  Qwest  infrastruc¬ 
ture  to  expand  its  operational  capabil 
ities,  the  company  says. 

■  Sprint  announced  last  week  it  is 
selling  its  directory  business  to  R.H. 
Donnelley  for  $2.3  billion.  While 
Sprint  would  not  say  if  the  money  will 
be  used  solely  to  reduce  its  $21  billion 
debt,  a  spokesman  said  the  deal  will 
“improve  Sprint's  financial  flexibility." 
Sprint  is  the  latest  carrier  to  sell  its 
Yellow  Pages  business  to  strengthen 
its  balance  sheet,  following  British 
Telecom,  McLeodUSA,  Qwest  and 
Canada's  BCE. 


ing  a  small  set  of  services,  the  cornerstone 
being  its  network-based  IP  VPN. 

“Our  whole  product  set  is  geared  towards 
being  a  managed  infrastructure  provider 
for  IP-based  applications,”  McCormick  says. 

The  core  of  the  network  is  formed  by  an 
ATM  backbone  and  Nortel  Shasta  VPN 
boxes.  To  hook  customers  to  the  network, 
Sawis  gives  them  an  integrated  access  de¬ 
vice  with  an  Ethernet  handoff  to  the  cus¬ 
tomer’s  edge  router. 

Once  the  customer  premises  box  is  in 
place,  Sawis  can  use  its  customized  man¬ 
agement  system  to  automatically  provision 
the  VPN  connection. 

Sawis  supports  frame,  ATM,  DSL  and  dial¬ 
up  last-mile  connections.  The  company 
currently  operates  in  112  cities  in  more 
than  48  countries. 

David  Willis,  an  analyst  with  Meta  Group, 
says  Sawis’  strengths  are  that  it’s  been  in 
business  longer  than  most  small  competi¬ 
tive  providers  and  that  it  has  a  core  of 
financial  services  customers. 

Sawis  began  as  a  network  provider 
serving  financial  firms  with  market  data 
information. The  company  has  expanded 
to  serve  other  businesses.  About  half  of 
the  provider’s  17,000  VPN  nodes  in  ser¬ 
vice  fall  outside  the  financial  services 
market  segment. 

“Enterprise  buyers  see  a  greater  need  for 
carrier  diversity  and  that  helps  [Sawis],” 
Willis  says. 

A  lot  of  businesses  are  calling  Sawis  look¬ 
ing  for  back-up  network  connections, 
McCormick  says. The  company  has  gotten 
a  lot  of  interest  from  WorldCom  clients. 

“Of  course  since  it’s  only  a  backup,  they 
want  a  special  price,”  McCormick  says. 
“We’re  pretty  flexible  on  that.” 

Michael  Drennan.vice  president  of  oper¬ 
ations  for  auto  parts  wholesaler  Precision 
Auto,  recently  signed  on  with  Sawis  to  pro¬ 
vide  VPN  links  for  26  sales  offices.  The 
offices  need  to  keep  in  constant  touch  with 
Precision’s  real-time  auto  parts  database, 


housed  on  a  server  in  Chantilly  Va. 

Precision  had  switched  from  a  frame  re¬ 
lay  network  to  DSL,  but  the  DSL  links  didn’t 
prove  reliable.  So  Precision  is  now  in  the 
process  of  switching  to  Sawis’  IP  VPN  ser¬ 
vice,  which  will  use  128K  bit/sec  frame  re¬ 
lay  connections  over  the  last  mile. 

Drennan  says  the  Sawis  service  wasn’t 
significantly  less  expensive  than  com- 


■  BY  MICHAEL  MARTIN 

Two  regional  Bell  operating  companies 
recently  have  made  big  strides  in  their 
efforts  to  offer  long-distance  services  in 
their  local  service  regions. 

BellSouth  filed  applications  with  the 
Federal  Communications  Commission  for 
its  final  two  states,  Tennessee  and  Florida, 
while  SBC  Communications  filed  an  appli¬ 
cation  for  its  largest  state,  California. 

BellSouth  already  has  won  FCC  approval 
for  seven  of  its  nine  local  states  and  would 
be  the  first  RBOC  to  be  able  to  offer  long¬ 
distance  voice  and  data  throughout  the 
U.S.  if  its  Florida  and  Tennessee  applica¬ 
tions  are  approved.The  FCC  has  90  days  to 
judge  the  applications. 

Under  the  Telecommunications  Act  of 
1996,  the  RBOCs  —  BellSouth,  Qwest,  SBC 
and  Verizon  —  must  prove  they  are  giving 
competitors  access  to  their  networks  in 
states  where  the  RBOCs  are  the  dominant 
local  carriers. 

Getting  long-distance  approval  for  all  of 
its  local  states  would  remove  a  big  barrier 
to  any  merger  of  BellSouth  with  AT&T  —  a 
possibility  that  was  much  speculated 
about  earlier  this  year. 


peting  offers. 

“But  we  were  impressed  that  they’d  made 
their  name  on  Wall  Street  and  their  sales 
people  were  very  technically  competent,” 
Drennan  says. 

Another  factor  in  Sawis’  favor  was  that 
Precision  didn’t  have  to  buy  customer 
premises  gear,  he  adds. 

While  Sawis  has  had  luck  raising  private 
funding  this  year,  the  company’s  fortunes 
on  the  stock  market  haven’t  been  nearly  as 
good.  Sawis  was  delisted  from  the  Nasdaq 
earlier  this  year  for  failing  to  meet  the  in¬ 
dex’s  minimum  share-price  requirements. 
Sawis  has  since  transferred  to  Nasdaq’s 
Small  Cap  Market.  On  Sept.  20,  the  compa¬ 
ny’s  shares  stood  at  37  cents,  well  off  its  52- 
week  high  of  $1.45. 

But,  Willis  says,  few  telecom  compa¬ 
nies  have  fared  well  in  the  stock  market 
this  year.  ■ 


However,  says  Thomas  Nolle,  president  of 
consultancy  CIM1  and  a  Network  World 
columnist,  the  deal  isn’t  as  likely  to  happen 
now  because  of  WorldCom’s  bankruptcy 
AT&T  stands  to  benefit  from  WorldCom’s 
woes  and  is  less  likely  to  need  a  partner  to 
keep  its  financial  numbers  steady,  he  says. 

“I’d  put  the  odds  at  2-to-l  against  anything 
happening,”  he  says. 

California  and  its  $10  billion  long-dis¬ 
tance  market  would  be  a  major  feather  in 
SBC’s  cap.  SBC  already  has  won  long-dis¬ 
tance  approval  for  five  of  its  13  local  states. 

The  California  Public  Utilities  Com¬ 
mission  ruled  that  SBC  has  passed  a  14- 
point  competition  checklist  contained  in 
the  telecom  act,  a  necessary  first  step 
before  an  FCC  application.  However,  the 
commission  also  ruled  that  SBC’s  entry  into 
the  long-distance  market  would  not  be  in 
Californians’  best  interests  because  SBC 
might  drive  competitors  out  of  the  state. 

The  commission  would  like  to  bar  SBC 
from  carrying  long-distance  services  with¬ 
in  California,  while  letting  the  carrier  han¬ 
dle  long-distance  between  California  and 
other  states.  Whether  the  commission  has 
the  authority  to  enforce  such  a  decision 
isn’t  clear,  as  the  FCC  has  yet  to  weigh  in.  ■ 
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Why  the  cable  companies  will  win 


Here’s  a  question  I  get  a  lot:  Who  will 
win  the  local  broadband  wars,  the 
telephone  companies  or  cable 
companies? 

There  are  good  arguments  on  both 
sides,  but  my  money  is  on  the  cable  com¬ 


panies.  Here’s  why: 

Customers.  While  it’s  indisputable  that 
the  telcos  have  the  broadest  customer 
base,  cable  companies  have  done  a 
good  job  grabbing  consumers  who  are 
most  likely  to  spend  money  on  broad- 
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band  services. There’s  a  pretty  good  cor¬ 
relation  between  households  willing  to 
pay  for  their  weekly  “Sopranos”  fix  and 
those  who  own  computers  and  have 
Internet  access.  It’s  also  worth  noting 
that  these  households  are  among  the 
most  likely  to  support  one  or  more 
telecommuters  —  individuals  with  a 
clear  business  need  for  broadband  (and 
potentially  a  deep-pocketed  employer 
willing  to  foot  the  bill). 

Cannibalization.  Telcos  are  notoriously 
leery  of  service  cannibalization,  and  are 
concerned  about  the  ways  that  DSL  cuts 
into  their  existing  service  portfolio.  As  a 
result,  you  almost  never  see  DSL  offered 
until  after  the  local  cable  companies  have 
made  cable  Internet  available.  It’s  almost 
comical:  First,  the  ILEC  tells  eager  cus¬ 
tomers  that  DSL  is  “unavailable  in  their 
region.”Then  RoadRunner  or  RCN  moves 
in  —  and  suddenly  DSL  becomes  “avail¬ 
able.”  Cable  companies,  on  the  other 
hand,  have  nothing  to  lose  and  everything 
to  win  by  moving  in  aggressively 

Service  portfolio.  This  is  a  biggie.  Years 
ago,  AT&T  did  a  study  that  showed  that 
bundling  services  is  an  effective  way  to 
retain  customers.  It’s  true.  For  example,  I 
get  local  and  long-distance  voice,  plus 
cable  and  cable  Internet,  from  my  local 
cable  provider  (I’ve  used  both  Time 
Warner  and  RCN).  It’s  great!  The  rates  are 
so  competitive  that  my  average  monthly 
bill  has  dropped  from  $200  to  $300  down 
to  about  $120.  And  even  though  my  phone 
service  is  a  little  spottier  than  I’m  used  to, 
and  Internet  access  tends  toward  mid¬ 
afternoon  outages,  I’m  hooked.  I  wouldn’t 
go  back  if  you  paid  me  (sorry, Verizon). 

Service  platform.  A  few  weeks  ago,  I 
made  the  case  to  Network  World's  editor¬ 
ial  director  and  president,  John  Gallant, 
that  AOL  Time  Warner  was  the  communi¬ 
cations  company  most  likely  to  succeed 
in  the  21st  century. 

I  admit  to  having  taken  a  somewhat  rad¬ 
ical  stance,  but  here’s  my  rationale:  As  an 
entity  that  can  offer  infrastructure 
(cable),  services  (such  as  AOL  and  AOL 
Instant  Messenger), and  content  (movies, 
books  and  music),  AOL  Time  Warner  is  in 
a  virtually  unparalleled  position  to  re¬ 
shape  the  communications  industry  in 
much  the  way  that  IBM  redefined  the 
computing  industry  in  the’60s  and  70s  by 
owning  hardware,  software  applications, 
and  services.  It’s  not  a  new  idea,  but  it’s 
still  a  good  one. 

The  caveat?  it  appears  that  cable  com¬ 
panies  are  possibly  the  only  organizations 
that  are  more  dysfunctional  and  poorly 
managed  than  telecom  providers.  But  I’m 
hoping  that  some  smart  cable  company 
—  maybe  even  AOL  Time  Warner  —  will 
recruit  a  21st  century  Lou  Gerstner  and 
realize  cable’s  true  potential. 

Johnson  is  senior  vice  president  and 
CTO  for  Greenwich  Technology  Partners,  a 
network  consulting  and  engineering  firm. 
She  can  be  reached  at  johna@green 
wichtech.com. 
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Content  delivery  networks  eye  Web  services 


■  BY  JENNIFER  MEARS 

Doug  Cavit,CIO  at  security  software  maker 

McAfee.com,  has  long  been  a  proponent  of  content 
delivery  networks.The  company  was  a  pioneering 
user  of  Akamai  Technologies’  edge  delivery  services,  and 
Cavit  says  that  by  running  about  60%  of  his  traffic  from 
the  edge,  he’s  avoided  the  need  to  add  hardware  while 
keeping  performance  levels  high. 

Now  he’s  ready  to  take  the  next  step. 

McAfee  is  working  with  Akamai  as  it 
readies  a  new  service  aimed  at  supporting 
Microsoft  .Net,  one  of  several  Web  services 
initiatives  that  are  under  way  at  CDN  com¬ 
panies.  During  the  past  year  or  so,  CDNs 
have  evolved  from  simply  supporting  stat¬ 
ic  content  to  handling  streaming  media 
and  dynamic  content  assembly. The  next 
move  for  these  companies  is  boosting  the 
performance  of  Web-enabled  applications. 

“All  the  pieces  are  starting  to  come 
together^’ Cavit  says.They’re  coming 
together  to  allow  you  to  be  able  to  use  the 
CDN  as  an  execution  platform  . .  .you 
won’t  just  be  creating  Web  pages,  you’ll 
actually  be  creating  services  on  the  edge.” 

The  move  is  happening  slowly  as  compa¬ 
nies  start  to  understand  how  so-called  Web 
services  can  benefit  their  businesses.  Web 
services  are  XML-based  application  com¬ 
ponents  that  can  be  cobbled  together  on 
the  fly  using  standards  such  as  Simple 
Object  Access  Protocol  for  their  transport. 

The  idea  is  that  disparate  applications  can 
communicate  with  each  other  over  the 
Internet,  enabling  busi ness-tobusi ness  con¬ 
nectivity  without  proprietary  middleware. 

Because  Web  services  will  travel  over 
HTTP  and  TCP/IP  operators  of  CDNs  say 
their  networks  will  fit  perfectly  into  the  puzzle.  CDNs 
helped  improve  the  performance  of  the  Internet  by  push¬ 
ing  content  closer  to  end  users,  and  analysts  say  they 
could  do  the  same  for  Web  services,  which  will  face  simi¬ 
lar  bottlenecks. 

“CDNs,  having  pieces  of  the  application  that  run  near  to 
the  users,  will  play  an  important  role  in  Web  services,” says 
fcter  Christy,  co-founder  of  NetsEdge  Research  Group. 
“You  will  have  to  do  exactly  what  a  CDN  did  for  the  dot¬ 
com  world,  which  is  to  move  things  nearer  to  the  points 
of  use,  rather  than  counting  on  them  getting  across  the 
Internet  on  their  own.” 

But  Christy  says  that  in  early  stages  of  Web  services 
deployment,  the  need  for  CDNs  might  not  be  great  be¬ 
cause  of  the  relatively  small  number  of  companies  using 
Web  services.  As  Web  services  become  more  prevalent 
and  companies  seek  ways  to  integrate  with  multiple  sys¬ 
tems,  CDNs  might  turn  out  to  be  the  key  to  ensuring  the 
smooth  flow  of  these  Web-enabled  applications. 

“But  that’s  the  million-dollar  question  because  we  don’t 
know  where  the  Web  services  market  is  going  to  go.  We 
don't  know  what  those  killer  applications  are  going  to 
be,"  says  Greg  Howard,  an  analyst  at  the  HTRC  Group. 


The  market  is  developing  —  albeit  slowly  according  to 
a  recent  study  by  IDC,  which  concluded  that  companies 
see  benefits  in  the  Web  services  architecture,  but  most  are 
proceeding  with  caution. The  survey  of  more  than  750 
businesses  found  that  four  out  of  five  respondents  plan  to 
undertake  Web  services  projects  during  the  next  three 
years,  but  only  one  in  four  already  have  completed  an 
internal  Web  services  deployment. 


Nevertheless,  CDN  providers  are  wasting  no  time  in  lay¬ 
ing  out  their  plans  to  support  Web  services.  Akamai  has 
announced  partnerships  with  IBM  and  Microsoft  to  sup¬ 
port  application  processing  within  its  global  network  of 
nearly  13,000  edge  servers.  Mirror  Image  also  detailed  its 
Web  services  push  earlier  this  year,  announcing  that  it 
would  enhance  its  network  of  content  access  points  to 
support  .Net  and  Java  2  Platform  Enterprise  Edition. 

Other  providers,  such  as  Cable  &  Wireless,  Conxion  and 
Speedera  Networks,  are  keeping  a  close  eye  on  the  mar¬ 
ket’s  development.They  say  they’re  ready  to  support  Web 
services  when  the  time  comes  —  the  question  is  when. 

“We  decided  that  [Web  services]  may  be  a  bit  further 
out  than  we  thought,”  says  Scott  Bishop,  director  of  prod¬ 
uct  marketing  at  Mirror  Image. 

Mirror  Image  had  planned  to  roll  out  Web  services  sup¬ 
port  by  year-end,  but  now  instead  plans  to  unveil  that 
capability  next  year.  In  the  meantime,  the  company  is 
focusing  on  supporting  Web-enabled  transactions. 

“There  are  a  ton  of  [electronic  data  interchange]  trans¬ 
actions  out  there  today  that  are  on  private  networks  that 
are  transitioning  over  to  an  Internet-based  EDI  model. 
That’s  a  perfect  play  for  us  in  terms  of  creating  a  Web  ser¬ 


vice  infrastructure  that  can  deliver  an  Internet-based  EDI 
solution  to  these  large  enterprises,”  Bishop  says. 

Akamai  also  has  pushed  back  plans  to  release  Web  ser¬ 
vices  capabilities,  which  had  been  slated  for  year-end. 
Thorsten  Ganz,  director  of  marketing  at  Akamai, says  beta 
testing  for  Java  processing  at  the  edge  will  begin  in  the 
first  quarter  of  next  year,  with  general  availability  slated 
for  the  second  quarter.  Services  based  on  .Net  will  be 
introduced  by  the  end  of  next  year,  but 
timing  depends  on  Microsoft’s  schedule 
for  the  .Net  server,  which  already  has  been 
delayed,  he  says. 

McAfee’s  Cavit  expects  to  use  Akamai’s 
.Net  capabilities  to  provide  a  subscription- 
based  antivirus  service  on  the  Web.  Now 
customers  can  get  software  downloads 
quickly  because  they  are  accessed  from 
Akamai’s  edge  servers.  With  .Net,  however, 
McAfee  can  move  authentication  process¬ 
ing  to  the  edge,  reducing  costs  by  eliminat¬ 
ing  the  need  to  add  hardware,  Cavit  says. 

Cavit  says  he  envisions  eventually  hook¬ 
ing  his  system  into  a  third-party  applica¬ 
tion  that  takes  payment  transactions,  all 
processed  at  the  edge. 

Using  Web  services  “really  is  a  big  para¬ 
digm  shift,”  Cavit  says.“It  opens  up  a  whole 
new  interesting  set  of  ways  of  going  about 
building  the  Web  and  it  opens  the  door  on 
the  concept  of  utility  computing  and 
things  like  that . . .  that  operate  via  CDNs  or 
overlay  networks.” 

But  before  CDNs  can  take  their  place  in 
the  Web  services,  businesses  must  adopt 
this  new  technology  One  of  the  big  hur¬ 
dles  to  adoption  is  the  question  of  security 
CDNs  tout  the  security  they  already  have 
in  place  for  content  delivery  Web  services 
vendors  also  are  taking  a  hard  look  at  how 
to  beef  up  security  for  these  untethered  applications.  IBM, 
Microsoft  and  VeriSign  developed  Web  Services  Security  a 
specification  for  securing  the  exchange  of  Web  services 
messages.The  Organization  for  the  Advancement  of 
Structured  Information  Standards  is  reviewing  that  specifi¬ 
cation  as  a  proposed  standard. 

When  those  types  of  issues  become  hardened  more 
companies  will  consider  Web  services  and  might  look  to 
the  overlay  networks  provided  by  CDNs  to  ensure  that  the 
applications  achieve  the  performance  they  need. 

Sean  Armstrong, senior  Internet  manager  at  software 
maker  Network  Intelligence,  says  he  uses  Web  services 
internally,  but  would  consider  a  CDN  for  delivery  once 
issues  such  as  standards,  security  and  workflow  become 
more  mature. 

“The  idea  of  utilizing  a  globally  distributed  high-speed 
infrastructure  as  the  transport  layer  for  Web  services  is 
appealing  on  many  levels,"  he  says.“Along  with  vast 
improvements  in  delivery  throughput  to  points  around 
the  globe,  the  simple  fact  that  there  is  another  item  of 
concern  —  reliable  and  cost-effective  data  transfer  —  1 
can  get  off  my  plate  makes  it  worth  the  time  to  imple¬ 
ment  this  service."  ■ 


Preparing  for  Web  services 


CDN  operators  say  they  can  speed  the  delivery  of  Web  services.  Here’s 
how  some  are  moving  in  that  direction: 


Akamai  Technologies: 

Announced  partnerships  with  Microsoft  and  IBM  to  support  application  processing 
at  the  edge.  Akamai  EdgeSuite  for  Java  based  on  IBM  WebSphere  to  be  available 
Q2  next  year;  EdgeSuite  for  .Net  could  be  available  by  the  end  of  2003. 

Cable  &  Wireless: 

Introduced  2Way  Web  Services,  modular  pieces  of  application  components  that 
let  business  charge  for  specific  content,  for  example.  Company  says  it's  a  first 
step  toward  Web  services  support. 

Conxion: 

Says  Hot  Route  delivery  technology  on  its  private  global  network  will  appeal  to 
corporations  not  willing  to  put  applications  on  the  Internet. 

Mirror  Image: 

Plans  to  update  content  access  points  to  support  Java  and  .Net  and  roll  out 
services  next  year.  Web  Services  Delivery  Gateway  will  provide  centralized 
management  of  applications  so  business  can  control  security,  monitoring  and 
billing  ofWeb  services. 

Speedera  Networks: 

Will  update  monitoring  and  management  tool  SpeedEye  and  enhance  intelligent 
edge  services  such  as  authentication,  personalization  and  targeting  content  for 
specific  locations  to  support  Web  services. 
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■  SERVICE  PROVIDER  DEVELOPMENTS 
AT  THE  JUNCTURE  BETWEEN  THE  ENTERPRISE 
AND  THE  NEW  PUBLIC  NETWORK 


CommWorks  drops,  but  plugs  along 

3Com  subsidiary  endures  consecutive  quarters  of  declining  revenue. 


3Com’s  albatross? 

CommWorks,  the  carrier  products  division  of 
3Com,  has  not  been  immune  to  the  slowdown 
in  telecom  equipment  spending. 

Product  sales  (in  millions) 


1 


Q1’02  Q2’02  Q3’02  Q4’02  Q1’03 


■  BY  PHIL  HOCHMUTH 

ROLLING  MEADOWS,  ILL— When  3Com 
spun  off  its  carrier  subsidiary  CommWorks, 
it  knew  there  would  be  some  rough  quar¬ 
ters  . . .  just  not  this  many 

Almost  two  years  after  its  creation, 
CommWorks  has  seen  its  revenue  shrink  in 
seven  of  eight  quarters  as  the  company  suf¬ 
fers  along  with  everyone  else  from  the  mal¬ 


■  BY  JIM  DUFFY 

LOWELL,  MASS. —  Packet  telephony  ven¬ 
dor  Convergent  Networks  last  week  broad¬ 
ened  its  target  market  to  include  cable 
operators. 

Convergent  rolled  out  Release  4.0  of  its 
Cohesion  distributed  packet  telephony 
software,  which  features  media  gateways, 
signaling  gateways,  tandem  switching 
capabilities  and  network  management  ap¬ 
plications  customized  for  cable  operators. 
The  products  are  intended  to  let  cable  mul¬ 
tiple  service  operators  (MSO)  deliver  pack¬ 
et  voice  services  in  addition  to  their  video 


■  WaveSmith  Networks  last  week 
announced  that  two  carriers  have 


installed  its  Distributed  Node  multi¬ 
service  edge  switches.  Ben  Lomand 
Telephone  and  Vanion  have  de¬ 
ployed  Distributed  Node  for  DSL  ag¬ 
gregation,  and  frame  relay  grooming 
and  aggregation,  respectively.  Ben 
Lomand  installed  WaveSmith's  DN 
7100  switch  while  Vanion  opted  for  the 
DN  4100.  Ben  Lomand  serves  36,000 
business  and  residential  customers  in 
Tennessee.  Vanion  serves  metropoli¬ 
tan  and  rural  markets  in  Colorado. 


aise  in  the  carrier  equipment  market.  And 
while  observers  say  CommWorks  is  strong 
in  several  niche  and  emerging  carrier  tech¬ 
nology  markets,  it  might  not  have  the  prod¬ 
uct  lineup  to  make  it  when,  or  if,  carriers 
decide  to  start  buying  products  again. 

CommWorks  has  a  strong  installed  base 
with  service  providers  and  says  its  products 
are  in  the  networks  of  16  of  the  top  20  ser¬ 
vice  providers  worldwide.  The  company’s 


and  IP  data  offerings  (see  graphic  at 
www.nwfusion.com,  DocFinder:  2438). 

“When  the  DSL  and  [competitive  local 
exchange  carrier]  markets  imploded,  a  lot 
of  folks  keenly  got  interested  in  the  cable 
space.  These  were  carriers  that  had  free 
cash  flow  and  access  to  capital,”  says 
Michael  Harris,  an  analyst  with  Kinetic 
Strategies.  “So  if  you  look  at  carriers  that 
are  positioned  to  actually  deploy  voice 
over  ip  the  cable  industry  is  at  the  top  of 
the  list.” 

With  that  as  a  backdrop,  Convergent  un¬ 
wrapped  Cohesion  4.0  and  enhancements 
to  its  ICS2000  media  gateway  ICSX  call 
management  server,  ICSG  signaling  gate¬ 
way  and  ICSP  server  proxy  The  products 
are  compliant  with  the  PacketCable  1.0 
and  1.1  specifications,  and  interoperable 
with  a  number  of  leading  vendors’  cable 
modems  and  modem  termination  systems. 

These  products,  combined  with  Cohe¬ 
sion  4.0  software,  let  MSOs  establish  sepa¬ 
rate  “zones”  for  IP  and  public  switched 
telephone  network  (PSTN)  services,  Con¬ 
vergent  says. 

ICSP  and  1CS2000  let  IP-based  application 
services  be  executed  on  PSTN  trunk  end¬ 
points.  Convergent  says. 

Conversely  ICSP  also  can  mediate  be¬ 
tween  Signaling  System  7-based  service 
control  elements  and  call-management 
elements  that  are  controlling  line  or  trunk 
endpoints. 

Cohesion  4.0  elements  also  can  be  used 
in  an  array  of  local  and  toll  tandem  appli¬ 
cations,  Convergent  says.  ICS2000  supports 

See  Convergent,  page  34 


TotalControl  1000  service  provi¬ 
sioning  hardware  and  software 
platforms  are  used  widely  by 
carriers  such  as  AT&T,  World¬ 
Com  and  Sprint. 

But  CommWorks  has  one  foot 
in  the  past  and  one  in  the  future 
in  terms  of  its  top  moneymaking 
products,  which  is  a  blessing 
and  a  curse. 

Some  of  CommWorks’  biggest 
revenue-generating  product 
lines  are  its  older  remote  access 
servers  (RAS)  and  V92  modem 
bank  concentrators  for  support¬ 
ing  ISP  dial-up  modem  access. 

Jupiter  Media  Metrics  says 
broadband  Internet  access  is  in 
only  16%  of  U.S.  households. 

Many  other  analysts  say  dial-up 
modems  are  the  access  method 
of  choice  for  more  than  two-thirds  of 
Internet  users. 

Some  observers  say  CommWorks  can 
continue  to  squeeze  revenue  out  of  this 
market  for  years  to  come. 

CommWorks’  other  foot  is  making  a  hard 
charge  into  the  next-generation  voice  and 
packet  telephony  markets,  with  its  line  of 
softswitches,  Signaling  System  7  gateways, 
and  Session  Initiation  Protocol  and  H.323 
voice-over-lP  (VoIP)  protocol  gateways. 
CommWorks  says  these  products  have 
carried  a  total  of  10  billion  minutes  ofVoIP 
traffic  since  they  were  introduced  in  2000. 

“Areas  where  we  see  growth  are  in  the 
adoption  of  VoIP  and  VoIP  services,”  says 
Dennis  Connors,  president  of  CommWorks. 
“This  won’t  be  broadbased,  however.  I  don’t 
think  we’ll  see  big  changeouts  or  green¬ 
field  opportunities  for  [carrier  VoIP  deploy¬ 
ments]  .There  will  be  adjunct  opportunities 
for  us,  however,  where  our  enhanced  VoIP 
and  VoIP  services  products  will  be  comple¬ 
mentary  to  customers’  existing  systems.” 

But  VoIP  equipment  for  service  provider 
networks  is  a  market  that  has  dragged  its 
heels  up  to  now. Total  IP  voice  product  rev¬ 
enue  declined  8%  between  the  first  and 
second  quarters  of  this  year,  from  $253  mil¬ 
lion  to  $233  million, according  to  Infonetics 
Research. 

However,  the  research  firm  expects  over¬ 
all  market  to  more  than  double  during  the 
second  half  of  this  year,  to  $1.1  billion  by 
year-end. 

Analysts  are  not  as  bullish  about  Comm¬ 
Works’  ability  to  gain  a  significant  share  of 


that  growth.  Despite  its  strong  technology 
and  a  good  base  of  carrier  customers, 
some  analysts  see  CommWorks  as  coming 
up  short  in  offering  a  comprehensive  prod¬ 
uct  line  compared  with  vendors  that  offer 
optical  transport  and  IP  infrastructure  gear 
in  addition  to  the  VoIP softswitch  and  RAS 
products  that  CommWorks  has. 

“CommWorks  remains  vulnerable  to  the 
single-vendor,  end-to-end  solutions  from 
major  rivals  such  as  Alcatel,  Nortel,  Cisco, 
Lucent  and  Siemens,”  writes  Brent  Wilson, 
principal  analyst  with  Current  Analysis,  in  a 
recent  report  on  CommWorks.  “Some  of 
these  competitors  might  not  offer  as  com¬ 
plete  a  solution  as  they  once  did,  but 
CommWorks  still  has  significant  holes  in  its 
ability  to  support  end-to-end  services,  lack¬ 
ing  high-end  optical  components,  for 
example,  that  competitors  can  couple 
closely  with  their  backbone  data  products,” 

CommWorks’  opportunity  is  in  augment¬ 
ing  products  it  does  not  offer,  Connors 
counters. 

“In  a  market  as  difficult  as  this,  you  can’t 
just  go  to  customers  and  say, 'Here  are  our 
products  for  you  to  buyT  Connors  says.“We 
have  to  evaluate  and  make  a  very  specific 
case  as  to  what  we  have  that  will  be  a  com¬ 
plementary  offering  for  [carrier  cus¬ 
tomer’s]  networks.” 

Wilson  says  CommWorks  should  partner 
with  other  vendors  such  as  Avici  or  Juniper 
Networks,  which  offer  the  transport  pieces 
of  the  puzzle  while  lacking  a  service  ere 
ation  portfolio  or  some  of  the  extras,  such 
See  CommWorks,  page  34 
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as  VoIP  and  RAS  gear.  Connors  agrees. 

Partnering  with  other  vendors  is  an 
important  part  of  that  complementary 
offering  process,  he  says.  While  Connors 


would  not  talk  about  any  future  collabora¬ 
tions  with  other  vendors,  he  cited  a  recent 
deal  with  Turk  Telecom  and  Alcatel,  where 
Alcatel  VoIP  gear  was  installed  along  with 
CommWorks’ Total  Control  1000  products, 
as  an  example  of  the  partnering  activities 
CommWorks  will  seek. 


But  another  perceived  weakness  of 
CommWorks  is  its  connection  to  3Com, 
other  analysts  say 

The  $36  million  in  revenue  CommWorks 
brought  in  for  3Com’s  first  fiscal  quarter  of 
2003  (which  ended  on  Aug.  30)  accounted 
for  only  11%  of  the  company’s  total  rev- 
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enue,  which  was  $305  million.  This  repre¬ 
sents  CommWorks’  lowest  contribution  to 
3Com’s  top  line  since  the  company  was 
spun  off  in  December  2000. 

3Com  has  the  balance  sheet  —  $1.39  bil¬ 
lion  in  cash  —  to  keep  its  carrier  operation 
going  though  the  bad  times.  However, 
3Com  also  has  a  history  of  quickly  shed¬ 
ding  businesses  and  product  lines  that 
don’t  pull  their  weight. 

This  could  be  a  factor  in  carriers’  deci¬ 
sions  whether  to  purchase  CommWorks’ 
gear,  says  Glenn  Gabriel  Ben- Yosef,  princi¬ 
pal  analyst  with  Clear  Thinking  Research. 

“Viability  is  the  issue”  that  carriers  might 
have  with  CommWorks,  Ben-Yosef  says. 
“3Com  in  the  last  three  years  has  vacillated 
so  much;  it  hasn’t  decided  what  it  wants  to 
be.  It  has  killed  several  product  lines  with¬ 
out  warning  [in  the  enterprise,  consumer 
and  home  broadband  customer  premise 
equipment  markets]  and  that  could  easily 
happen  with  CommWorks.” 

Connors  doesn’t  expect  any  big  shake- 
ups  or  other  moves  that  might  spook 
customers. 

“We’ll  always  be  looking  at  what’s  best 
for  shareholders,”  Connors  says.  “But  I 
don’t  expect  to  look  at  any  kind  of  IPO  or 
other  separation  [from  3Com]  anytime 
soon.”B 


Convergent 

continued  from  page  31 

IRATM  and  TDM  trunk  groups,  including 
ISDN  and  channel-associated  signaling; 
and  logical  partitioning  for  resale  and 
voice-VPN  services. 

“Convergent  has  thought  a  little  more  ele¬ 
gantly  about  how  you  can  provide  a  more 
integrated  and  seamless  PSTN  intercon¬ 
nection  point  for  a  packet  network,  par¬ 
ticularly  through  integrating  some  of  the 
trunking  elements,”  Harris  says.  “They’ve 
also  done  a  pretty  decent  job  in  terms  of 
density.” 

Convergent  says  it  can  support  more 
than  three  times  as  many  IP/G.71 1  calls  per 
shelf  or  rack  than  any  other  PacketCable- 
compliant  competitor. 

Convergent’s  Cohesion  4.0  will  go  up 
against  cable  packet  telephony  offerings 
from  Sonus  Networks,  Nortel  and  Siemens, 
and  other  media  gateway  vendors. 
Adelphia  and  Cablevision  currently  use 
Cohesion  4.0  in  tandem  applications.  Con¬ 
vergent  has  negotiations  under  way  with 
two  MSOs  for  trials  and  has  responded  to 
requests  for  proposal  from  several  others, 
says  Carl  Baptiste,  Convergent’s  managing 
director  of  marketing. 

Cohesion  4.0  and  its  associated  prod¬ 
ucts  are  available  now.  ■ 


More  online! 

Leam  more  about 
Convergent  s  beginnings. 
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■  AN  INSIDE  LOOK  AT  THE 
TECHNOLOGIES  AND  STANDARDS 
SHAPING  YOUR  NETWORK 


Multicast  fan-out  saves  bandwidth 


HOW  IT  WORKS 


Multicast  fan-out 


Multicast  fan-out  transparently  converts  unicast  TCP 
connections  into  reliable  multicast  that  can  be  sent  to 
multiple  sites  without  using  additional  bandwidth. 
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O  An  application  server  sends  ©  Multicast  fan-out  transmitter  ©  Multicast  fan-out  receiver  converts 
unicast  TCP  message.  converts  unicast  TCP  message  into  message  back  to  unicast  TCP. 

reliable  multicast  protocol.  The  Message  is  received  by  local  client, 
message  is  then  sent  to  multiple  sites. 


■  BY  D.C.  PALTER 

Multicast  technology  is  the  most  efficient 
way  to  deliver  a  file  or  data  stream  from  a 
single  server  to  multiple  clients. The  use  of 
multicast  conserves  server  resources  while 
reducing  bandwidth  requirements,  which 
can  be  especially  beneficial  over  expen¬ 
sive  WAN  links. 

While  there  is  little  dispute  over  the  ben¬ 
efits  of  multicast,  it  is  not  widely  deployed 
because  of  two  particular  limitations. 

First,  complex  billing,  management  and 
security  concerns  have  caused  most  ISPs 
to  block  multicast  traffic  from  their  net¬ 
works.  Because  it  is  necessary  for  the 
entire  network  path  between  the  server 
and  clients  to  be  multicast-enabled,  mul¬ 
ticast  availability  generally  is  limited  to 
closed  networks. 

Second,  IP  Multicast,  a  standard  compo¬ 
nent  of  the  TCP/IP  protocol  suite,  is  a  User 
Datagram  Protocol  (UDP)-based,  unreli¬ 
able,  “best-effort”  service.  While  useful  for 
real-time  streaming,  IP  Multicast  is  inappro¬ 
priate  for  file  and  data  transfers  where  reli¬ 
ability  is  a  requirement.  Although  there  are 
a  variety  of  products  available  for  reliable 
multicast,  these  generally  require  the  instal¬ 
lation  of  multicast  protocols  on  all  end 
nodes  and  can  use  only  specialized  multi¬ 
cast-aware  applications. 

Multicast  fan-out 

Multicast  fan-out  (MFO)  overcomes 
these  limitations  by  transparently  con¬ 
verting  unicast  TCP  connections  into  a 
specialized  reliable  multicast  protocol 
for  transmission  over  the  WAN.  On  the 
opposite  side  of  the  WAN  link,  the 
process  is  reversed  —  the  reliable  multi¬ 
cast  protocol  traffic  is  converted  back  to 


unicast  TCP  for  communication  with  the 
ultimate  destinations. 

This  fan-out  process  lets  the  server  and 
each  of  the  clients  continue  using  stan¬ 
dard  TCP-based  applications,  including 
FTP  without  any  changes  to  the  local  net¬ 
work  infrastructure,  while  taking  advan¬ 
tage  of  the  benefits  of  reliable  multicast 
over  the  WAN. 

MFO  works  by  inserting  an  MFO  trans¬ 
mitter  on  the  server  side  of  the  WAN  link 
and  MFO  receiver  at  each  remote  site. 
This  functionality  can  be  implemented 
as  a  separate  proxy-like  hardware  device 
or  embedded  into  other  hardware  on  the 
network  such  as  the  router,  modem  or 


WAN  connectivity  device. 

The  MFO  transmitter  intercepts  the  uni¬ 
cast  TCP  connection  from  the  application 
server.  The  MFO  Transmitter  then  sends 
the  data  over  the  WAN  link  to  each  MFO 
receiver  using  a  specialized  reliable  multi¬ 
cast  protocol.  At  each  remote  site,  the 
MFO  receiver  relays  the  data  to  a  local 
client  or  set  of  clients  using  a  new  unicast 
TCP  connection  (see  graphic). 

MFO  can  work  with  any  TCP  applica¬ 
tion  that  pushes  data  from  a  content 
server  to  local  clients.  Uses  can  include 
not  only  file  transfer  applications  such 
as  FTP  but  databases,  cache  replication 
systems,  content-delivery  networks, 


video  servers  and  proprietary  client- 
server  applications. 

Time  and  bandwidth  savings 

Over  a  2M-bit/sec  link,  a  standard  FTP 
download  requires  400  seconds  to  trans¬ 
fer  a  100M  byte  file  to  one  site. To  transfer 
the  same  file  to  10  sites  requires  more 
than  an  hour.  With  100  sites,  the  transfer 
takes  more  than  1 1  hours. 

Using  MFO, the  file  transfer  takes  400  sec¬ 
onds  whether  sending  to  one,  five,  10  or 
100  or  more  remote  sites.  Similarly,  MFO 
uses  no  more  bandwidth  to  send  the  file 
to  all  the  sites  as  it  does  to  send  it  to  a  sin¬ 
gle  site. 

MFO  is  ideal  for  distributing  content 
stored  at  a  central  location  to  multiple 
remote  sites.  With  MFO: 

•  ISPs  can  replicate  cache  content  to 
local  points  of  presence. 

•  Chain  stores  and  franchises  can  down¬ 
load  database,  inventory  and  pricing  data 
from  headquarters  to  local  stores. 

•  Companies  can  distribute  software 
updates,  presentations  and  training  mate¬ 
rials  across  the  company 

•  The  entertainment  industry  can  trans¬ 
fer  large  video  files  to  distribution  centers, 
affiliates  or  directly  to  theaters. 

MFO  is  transparent  to  clients  and 
servers  and  requires  a  multicast-enabled 
infrastructure  only  over  the  WAN  link.  By 
automatically  converting  standard  uni¬ 
cast  transfers  to  reliable  multicast,  MFO 
reduces  the  time  to  transfer  data  and  files 
to  multiple  users  while  cutting  band¬ 
width  costs. 

Palter  is  vice  president  of  Mentat,  a  Los 
Angeles  supplier  of  network  protocols.  He 
can  be  reached  at  dc@mentat.com. 


Dri  Internet  By  Steve  Blass 

We've  seen  some  ads  for  5.8GHz  cordless 
phones.  Will  these  interfere  with  802.11a  net¬ 
works  in  the  way  that  2.4GHz  phones  interfere 
with  802.11b  networks? 

The  5-GHz  band  is  unlicensed  in  the  U.S.  like  the 
frequencies  used  by  the  2.4-GHz  technologies,  but 
is  much  less  crowded.  So  today,  the  probability  of 
interference  with  an  802.11a  network  is  much 
lower  than  802.11b  (check  out  www.nwfusion.com, 


DocFinders:  2435  and  2436,  for  more  information). 

802.11a  uses  Orthogonal  Frequency  Division 
Multiplexing  instead  of  the  Direct  Sequence 
Spread  Spectrum  technology  that  is  the  root  of 
most  802.11b  pitfalls.  Choosing  the  lower  speed 
Frequency  Hopping  Spread  Spectrum  settings  in 
802.11b  equipment  can  overcome  much  of  the  typi¬ 
cal  interference  from  other  nearby  radio  devices. 
But  it  also  reduces  the  throughput  capabilities.  The 
current  attraction  of  802.11a  is  that  it  operates  in 


fairly  empty  spectrum,  which  is  used  mostly  for 
governmental  communications.  The  5-GHz  tech¬ 
nology  also  is  better  equipped  to  fight  interfer¬ 
ence.  OFDM  uses  48  separate  subcarriers  to  pro¬ 
vide  6M,  9M,  12M,  18M,  24M,  36M,  48M  or  54M 
bit/sec. 

Blass  is  a  network  architect  at  Change® 
Work  in  Houston.  He  can  be  reached  at 
dr.internet@changeatwork.com. 
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In  the  last  Gearhead  we  were  perusing 
the  strange  world  of  Internet  Explorers 
use  of  folders  under  Windows. This  is  a 
world  where  things  are  not  as  they  seem, 
and  once  again  Microsoft  has  created  an 
architecture  that  would  make  Dali  proud. 

Rather  than  hack  through  the  under¬ 
growth  of  Microsoft’s  peculiar  use  of  the 
Windows  file  system  and  fight  the  wild, 
untamed  wilderness  that  is  Internet 
Explorer,  allow  us  to  point  you  to  a  terrific 
document  that  will  tell  you  more  than  you 
expected  to  know  (and  possibly  wanted  to 
know)  about  the  subject:  “Index.Dat  Files 
and  Primary  I.E.  Folders”  (wwwpurgeie. 
com/indexdat.htm).The  piece  is  by  James 
Lawler,  the  author  of  a  fine  utility  called 
PurgelE  (www.purgeie.com). 

Let’s  take  a  second  to  note  that  finding 
out  how  Microsoft  does  all  its  tricks,  like 
making  records  in  index  files  look  like  real 
files  in  the  file  system,  is  remarkably  diffi¬ 
cult  —  just  try  to  find  a  clear,  concise  de¬ 
scription  in  the  Microsoft  KnowledgeBase. 


More  weirdness 

It  also  makes  one  wonder  how  we  manage 
to  get  Windows  to  do  anything  other  than 
what  Microsoft  wants  or  will  let  us  do. 
Windows  is  to  systems  engineering  what  a 
straightjacket  is  to  ballet. 

Anyway  PurgelE  Version  5.01  assists  “you 
in  controlling  Cookies  on  your  system 
using  Internet  Explorer  facilities.  This 
includes  display  and  modification  func¬ 
tions  for  Security  Zone  assignments  and 
the  IE-6  ‘per-site’  Cookie  Settings.”  As  you 
might  assume,  it  supports  IE-6  and  Win¬ 
dows  XP.  As  the  author  notes,  “PurgelE  is 
the  Swiss  Army  Knife  of  Cache  and  Cookie 
Utilities  for  Internet  Explorer!’ 

And  a  Swiss  Army  Knife  it  is.  To  begin 
with,  PurgelE  will  give  you  statistics  about 
your  cookies  and  Internet  Explorer’s  wild 
and  abandoned  use  of  disk  space.  Here’s 
what  ours  looks  like: 

Online  Cache:  20,040  files  —  221,188K 
used  of  478,992K  allocated 
Offline  Cache:  seven  files  —  39,81 7K 
used  of  39,888K  allocated 
Total  Cache:  20,047  files  —  261,005K  used 
of  518.880K  allocated 
Cookies:  1,835  files  —  325K  used  of 
29.360K  allocated 

Temp:  1,662  files  —  1,174,237K  used  of 
1,191,712K  allocated 

UserData:  nine  files  —  IK  used  of  144K 
allocated 
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Product  PurgelE  v5.01 

Functionality . B 

Overall  grade 

Elegance . 0 

D 

Value  for  money . A 

D- 

Vendor:  Assistance  &  Resources 
for  Computing 

9508  In-A-Vale  Drive 
Brentwood, Tenn.  37027 
www.purgeie.com 


That  is  a  total  of  43,600  files  that  use 
1.697G  bytes  of  a  total  of  2.259G  bytes  allo¬ 
cated.  Staggering. 

PurgelE’s  purpose  is  just  that:  to  delete 
cookies,  previous  searches,  autocomplete 
entries,  history  folders,  visited  and  typed 
URLs  and  recent  links  (“Links  to  docu¬ 
ments,  images  that  were  accessed  by  your 
system  [and]  displayed  as  icons  when  you 
press  the  Windows  Start  button  and  select 
Documents.”).  It  even  empties  the  recycle 
bin.  It  can  be  configured  to  run  on  start-up 
and  be  set  so  it  only  purges  the  online  and 
offline  caches  of  items  that  are  more  than 
a  user  configurable  age  old. 

PurgelE  also  can  identify  and  clean  up 
“strays”  —  cookies  and  cache  files  that  are 
not  indexed  by  an  Internet  Explorer  index. 
There  are  several  causes  for  strays,  the 


www.nwfusion.com 


main  one  being  termination  of  a  Web  page 
before  the  loading  process  is  complete.The 
cookie  or  content  file  goes  into  the  cache, 
but  the  index  is  not  updated. 

Items  can  be  protected  by  domain,  full 
URL  or  item  type  so  that  they  are  excluded 
from  purges,  and  you  can  execute  test 
purges  that  display  what  would  be  purged 
without  anything  actually  happening. 
Cookies  also  can  be  blocked  or  allowed  on 
a  domain-by-domain  basis. 

We  only  have  a  couple  of  criticisms.  First, 
the  user  interface  is  a  little  rough. 

Second, given  that  we’re  dealing  with  tens 
of  thousands  of  files,  some  operations  can 
take  a  long  time.  But  there  is  no  way  to 
know  how  processing  is  progressing  and 
no  way  to  stop  processing.  So  once  you 
select,  for  example,  to  find  all  the  strays, 
which  requires  cross-referencing  every  file, 
you  are  in  for  a  long  wait. 

Something  we’d  like  to  see  in  PurgelE 
would  be  suggested  purging  configura¬ 
tions  for  people  whose  concerns  span 
from  laissez  faire  to  completely  paranoid. 

Other  than  that,  we  like  PurgelE  a  lot. The 
program  is  sold  as  shareware  on  a  30day 
trial  and  costs  $20. 

Enough  cookies  already!  Next  week, 
red  meat. 

Dietary  notes  to  gearhead@gibbs.com. 


Cool  Too 

Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


Connecting  to  Sprint's  new  network 


Many  of  the  new  phones  and  devices  that  Sprint 
launched  with  its  new  PCS  Vision  network  have 
consumer  appeal,  with  features  such  as  picture  tak¬ 
ing,  animated  screen  savers  and  mobile  games.  But  there 
are  two  products  that  business  users  should  look  at:  the 
Handspring  Treo  300  and  the  Sprint  PCS  Vision  PC  card. 

We  recently  tested  these  two  products,  and  were  im¬ 
pressed  with  the  network  speeds  (coverage  wasn’t  too 
bad  either).  The  integration  of  Sprint’s  software  for  wire¬ 
less  e-mail  access  into  the  Treo  300  is  so  good  that  it  might 
cause  BlackBerry  fanatics  to  consider  switching. 

The  PCS  Vision  network  is  a  Code  Division  Multiple 
Access  lxRTT  wireless  network  that  promises  transmis¬ 
sion  speeds  of  up  to  144K  bit/sec.,  with  an  average  rate 
between  50K  and  70K  bit/sec.  It  was  launched  nation¬ 
wide  by  Sprint  early  this  summer  (nationwide  meaning 
in  the  large  U.S.  cities,  of  course). 

The  Handspring  Treo  300  ($600 
retail,  plus  service  fees)  is  a  con¬ 
verged  device  (PDA  plus  cell 
phone)  that  uses  the  Palm  OS 
(Version  4).  It  has  an  integrated  key¬ 
board  (like  the  Research  in  Motion 
Blat  kBerry)  for  text  input,  and  is  smaller 
than  earlier  versions  of  converged  devices 


The  PCS  Vision  PC  card  gave  us  speeds  that  were 

faster  than  dial-up. 


(although  it’s  the  same  size  as  other  Treo  Communicator 
models  that  run  on  other  wireless  networks). 

The  Treo  300  can  display  more  than  4,000 
colors,  and  has  a  cover/shield  that  flips 
open  (clamshell-like)  to  the  touch 
screen  and  makes  it  look  like  a  regu¬ 
lar  cell  phone.  The  Treo  300  is  small 
enough  to  fit  into  your  pocket,  so  it 
feels  more  like  a  cell  phone  than  a 
PDA, and  the  reduction  in  screen 
size  was  not  as  dramatic  as  you 
might  think. 

Internet  access  is  handled 
through  Handspring’s  Bla¬ 
zer  browser  —  it  gives  you 
access  to  predetermin¬ 
ed  Web  sites  on  Sprint’s 
network  (which  are 
optimized  for  the  size 
of  the  screen).  How¬ 
ever,  you  also  can  input  any 
URL  into  the  browser  and  it  will  access 
the  site,  although  you  might  have  to  scroll 
around  the  screen  to  find  what  you're  looking 
for.  Its  bookmarking  feature  made  it  simple  to  store 
favorite  Web  sites  into  the  browser. 

Because  the  network  speeds  are  faster,  it  was  less 
painful  to  sit  and  wait  for  Web  pages  to  come  up  on 
the  device,  but  it  was  still  slow  enough  to  remind 
us  that  we  were  attempting  to  view  Web  pages 
on  a  handheld  device.  It’s  still  a  step  in  the 
right  direction,  though. 

The  wireless  e-mail  integration  was 
impressive.  Included  with  the  Handspring  Treo 


Shaw  can  be  reached  at  kshaw@nww.  com. 


The  Handspring  Treo  300  might  get  you  to  switch 
from  your  BlackBerry. 


was  Sprint’s  Business  Connection  Per¬ 
sonal  Edition  software,  which  lets  you 
retrieve  corporate  e-mail  (we  tested 
with  Microsoft  Exchange)  via  the  de¬ 
vice.  Much  like  the  RIM  Internet  edi¬ 
tion  software,  a  user  has  to  install  the 
personal  edition  software  and  keep  a 
desktop  running  to  receive  the  e-mail 
on  the  device.  However,  Sprint  also  has 
an  Enterprise  Edition  that  lets  busi¬ 
nesses  forward  e-mail  directly  from  the 
Exchange  server. 

The  Sprint  PCS  Vision  PC  Card  is  a 
Novatel  Wireless  card  (Merlin  C201, 
about  $250)  that  allows  data  access  to 
the  PCS  Vision  network  for  notebook 
computers.  For  computers  that  are  out 
of  range  of  a  wireless  LAN  (most  hotel 
rooms),  this  can  be  a  way  to  stay  mobile 
and  avoid  paying  outrageous  hotel 
phone  charges. 

In  our  tests,  we  got  about  260K  bit/sec 
data  rates  on  average,  much  better  than  the 
50K  to  70K  bit/sec  average  that  Sprint  said  it  could  deliv¬ 
er.  At  some  points  we  received  bursts  that  were  smaller 
(around  150K  bit/sec),  but  we  also  received  larger 
bursts  (up  to  700K  bit/sec  at  times). 

Overall,  the  experience  was  better  than  dial-up  but  still 
not  as  seamless  as  ourT-1  or  wireless  LAN  connected  to 
our  cable  modem. 
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EDITORIAL 

John  Dix 

Shopping  for 
carrier  services 
on  the  Web 


Telecom  portals  have  made  procuring  some  basic 
carrier  services  easier  than  ever,  but  these  are  still 
early  days,  and  relatively  few  people  seem  to  be  tak¬ 
ing  advantage  of  them. 

That  has  forced  some  portals  to  close  down,  but  a  num¬ 
ber  of  shops  are  pressing  forward,  evolving  their  businesses 
on  the  fly,  convinced  they  can  save  users  time  and  money 
when  shopping  for  everything  from  VPNs  to  OC-3s. 
Basically,  three  types  of  portals  have  emerged: 

•  Sales  agencies  —  Companies  such  as  Bandwidth.com 
(see  www.nwfusion.com,  DocFinder:  2439)  actually  sell 
carrier  services  and  only  use  the  Web  to  facilitate  cus¬ 
tomer  service  and  order/status  tracking.  Customers  use 
the  site  to  spell  out  what  they  want  — T-l,T-3,  frame, ATM, 
etc.  —  and  specialists  call  back  with  proposals  for  multi¬ 
ple  carriers.  If  the  customer  picks  one,  Bandwidth.com 
closes  the  deal  and  gets  a  commission. 

•  Sales  clubs  —  Carrier  sales  folks  pay  a  small  fee  to 
join  companies  such  as  Framerelay.net  and,  in  return,  get 
screened  leads.  Customers  use  the  service  to  shop  for  pri¬ 
vate  lines,  frame  relay,  high-speed  Internet  access,  ATM, 
VPNs  and  the  like.  Other  portals,  such  as  Telezoo.com,  ask 
carriers  to  pay  the  joining  fee  and  rely  on  the  carrier  to 
distribute  the  leads. 

•  Lead  referrals  —  Portals  such  as  Broadbandbuyer.com 
andTlanywhere.com  simply  collect  customer  information 
and  requirements,  forward  them  to  affiliated  carriers,  and 
earn  a  referral  fee  if  the  carrier  closes  the  deal.Broad- 
bandbuyer  says  it  deals  in  ISDN, T-l,T-3, DSL, OC-1  through 
OC-255,  Ethernet,  ATM.  frame, VPNs, etc.  Tlanywhere  is  one 
of  Speed  Anywheres  many  sites;  the  others  cater  to  T-3, 
business  DSL,  frame, VPN  and  telecommuting. 

The  first  thing  you’ll  notice  with  all  these  portals  is  the 
sites  are  fairly  rudimentary,  and  because  many  are  still 
evolving,  that  can  lead  to  some  confusion.  Framerelaynet, 
for  example,  has  links  that  lead  you  inexplicably  to 
Discountcall.com,  the  company’s  original  name. 

While  few  of  the  companies  will  discuss  how  well 
they're  doing,  Jamie  Ferraro,  co-founder  of  Broadband- 
buyer.com, says  business  is  growing  20%  month  over 
month.  In  August,  the  company  handled  500  service 
requests. 

Bruce  Judson, chairman  and  CEO  of  Speed  Anywhere, 
says  his  company  is  experiencing  exponential  growth, 
but  admits  that  even  as  it  grows,  the  company  constantly 
is  trying  to  figure  out, "How  do  we  make  it  better?” 

This  is  a  business  that  will  only  tolerate  companies  that 
answer  that  question  correctly.  Some  of  these  portals 
won  t  be  around  next  year. 

—  John  Dix 
Editor  in  chief 
jdix@nww.com 
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opinions 


Standard  issue 

It  wasn’t  until  I  read  through  the  fifth  or  sixth  para¬ 
graph  of  “Portal  standards  for  Web  services”  (www. 
nwfusion.com,  DocFinder:  2429)  that  I  realized  that 
the  authors  were  not  describing  existing  standards, 
but  those  that  are  in  development.  Many  of  your 
readers  might  think  the  Java  Portlet  and  Web  Ser¬ 
vices  for  Remote  Portals  “standards”  exist  today  and 
that  they  must  use  them  in  their  e-business  systems. 
Don’t  get  me  wrong, standards  of  this  nature  will  be 
extremely  beneficial,  but  don’t  confuse  people 
with  the  wrong  label.  Make  authors  be  clear  about 
existing  and  proposed  standards  up  front. 

Brad  Hoyt 
CTO 
Infraservices 
San  Mateo,  Calif. 

Not-so-new  technologies 

I  have  to  wonder  why  Naptha  and  Reflection  DoS 
are  considered  new  attack  technologies  in  Mandy 
Andress’  story  “Denial  of  service:  Fighting  back” 
(DocFinder:  2430).  Naptha  is  nearly  2  years  old; 
BindView’s  Razor  team  released  its  Naptha  advisory 
in  November  2000  (DocFinder:  2431). 

The  technique  is  a  slight  variation  on  a  SYN  flood, 
but  is  more  difficult  to  perform  because  it  requires 
the  attacker  to  predict  sequence  numbers  to  send 
the  final  ACK,  or  to  sniff  somewhere  along  the  trans¬ 
mission  path  of  the  SYN/ACK  packet  sent  by  the  vic¬ 
tim.  If  the  attacker  is  in  the  transmission  path,  there 
are  more  interesting  things  that  can  be  done  than  a 
DoS  attack. 

Reflective  DoS  is  even  older.  1  was  involved  in  a  dis¬ 
cussion  about  the  technique  during  Stephen 
Northcutt’s  intrusion-detection  system  course  at  the 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix.  Editor  In 
Chief,  Network  World,  1 1 8  Turnpike  Road.  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


System  Administration  and  Network  Security  In¬ 
stitute’s  Washington, D.C., conference  in  July  2000. 
Many  had  been  aware  of  it  for  at  least  two  years 
before  that.  The  reason  various  trade  press  writers 
have  reported  it  as  new  is  that  Steve  Gibson  asserted 
it  was  new  when  he  was  affected  by  it  this  January 
(http://grc.com/dos/drdos.htm).  He  took  credit  for 
discovering  a  new  distributed  DoS,  but  the  only 
thing  new  is  the  name  it  was  given. 

Paul  Cardon 
Columbus,  Ohio 

Andress  replies:  New  is  a  relative  term.  The  CERT 
advisory  for  SYN  floods  was  released  in  1996  (Doc¬ 
Finder:  2432),  so  an  attack  released  in  2000  was  con¬ 
sidered  new  for  this  story.  These  issues  are  not  like 
application  and  operating  system  vulnerabilities  that 
usually  are  patched  and  fixed  in  the  next  release.  SYN 
flooding  is  still  a  problem  after  six  years. 

As  for  Reflective  DoS,  the  concept  has  been  around 
a  while,  but  I  have  seen  an  increase  in  attacks  and 
some  different  mechanisms  for  launching  them  that 
needed  to  be  mentioned.  /  did  not  find  a  specific 
name  for  these  attacks,  so  I  put  them  under  the 
broader  category  of  reflective  attacks. 

Challenging  times 

I  enjoyed  your  story  “Challenging  times  for  telecom 
deals”  (DocFinder:  2433). Too  often  we  forget  the 
basics  of  doing  business  while  reading  of  one  prob¬ 
lem  after  another  in  the  telecom  arena. The  more  a 
company  sticks  to  the  basic  technology,  the  easier 
it  is  to  find  vendors  that  can  handle  your  business. 
New  technologies  and  integrated  access  device 
systems  often  lock  companies  into  a  direction  that 
does  not  let  them  move  to  new  service  providers. 

William  Sarine 
President 
FotsTek 
Raleigh,  N.C. 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder  2425 
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BOHOM  LINE 

Joel  Snyder 


few  weeks  ago  NetWorld+Interop 
Atlanta  was  pronounced  dead  on 
arrival  (see  www.nwfusion.com,  Doc- 
Finder:  2428),  a  victim  of  economic  circum¬ 
stance  and  bad  timing  —  who  wanted  to  be  away  from  home  the  week 
of  Sept.  1 1?  N+I  was  a  much  smaller  show  than  in  years  past,  with  a 
smaller  exhibit  hall  and  fewer  attendees.  But  the  key  factors  that  make 
N+I  important  for  users  and  vendors  are  still  true. 

I  participated  in  N+l  as  part  of  the  iLabs  vendor-neutral  technology 
interoperability  demonstration.  From  what  I  saw,  there  are  huge  rea¬ 
sons  to  keep  supporting,  attending  and  exhibiting  at  trade  shows 
such  as  N+I: 

•  It’s  not  all  on  the  Web.  Certainly  huge  amounts  of  product  infor¬ 
mation  are  now  available  via  the  Internet.  But  to  really  learn  about  a 
product,  there’s  nothing  like  talking  to  the  vendor  directly  especially  the 
engineering  people.  For  example,  there  were  times  in  the  iLabs  when 
an  attendee  would  ask  a  question  about  the  specific  details  of  a  prod¬ 
uct  that  we  couldn’t  answer.  If  the  vendor  had  been  on  the  trade  show 
floor,  we  could  have  gotten  an  answer  or  a  contact  and  closed  the  loop. 

•  It’s  not  just  an  exhibit  floor.  Most  conferences  have  a  strong  edu¬ 
cation  component,  and  the  technologies  we  deal  with  are  getting 
more  complex  every  day.  Designing  and  installing  new  technologies 
such  as  voice  over  IRVPNs,  Windows  .Net  and  secure  wireless  net¬ 
works  is  an  order  of  magnitude  harder  than  just  getting  your  core 


Why  trade  shows  still  matter 


network  installed.  People  have  to  learn  how  to  do  that,  and  surfing 
Web  pages  and  reading  Complete  Moron’s  Guide  to  Security  is  not 
enough.  The  training  and  classes  at  conferences  such  as  N+I  are 
unmatched  —  it’s  what  you  need  to  do  your  job. 

•  It’s  not  just  you.  The  Internet  makes  communication  fast,  inexpen¬ 
sive  and  easy  but  you  have  to  know  who  you  want  to  talk  to  first. 
Conferences  are  an  ideal  way  to  network  with  your  peers  and  make 
contact  with  other  network  managers  trying  to  solve  the  same  prob¬ 
lems.  Many  times,  after  showing  a  group  of  attendees  something  in  the 
iLabs,  I  saw  them  huddle  and  exchange  business  cards,  having  found  a 
common  interest  and  reason  to  keep  in  touch. 

•  You  need  to  know  what  you  need  to  know.  Products  and  vendors 
are  constantly  coming  to  market.  Reading  Network  World  only  takes 
you  so  far. Wandering  the  aisles  of  a  trade  show,  especially  areas  such  as 
N+I’s  Startup  City  can  bring  interesting  new  products  to  your  attention. 
I’m  pretty  well  connected  to  what’s  going  on,  but  every  time  I  go  to  N+I, 
I  learn  about  really  interesting  new  products  and  companies. 

The  trade  show  business  definitely  has  some  room  to  contract  — 
perhaps  N+I  is  better  off  doing  one  big  show  a  year  rather  than  two. 
But  it’s  not  in  anyone’s  interest  for  it  to  go  away  entirely. 

Snyder,  a  Network  World  Test  Alliance  partner,  is  a  senior  partner  at 
Opus  One  in  Tucson,  Ariz.  He  can  be  reached  at  Joel. Snyder 
@opusl  .com. 


There  are  huge 
reasons  to  keep 
supporting, 
attending  and 
exhibiting  at 
trade  shows 
such  as  N+I. 


INDUSTRY  COMMENTARY 

Frank  Dzubeck 


i 


n  two  previous  columns  I  presented  an 
evolutionary  vision  of  the  future  of  com¬ 
puting  and  networking  based  on  the  grid 
and  Web  services  (see  www.nwfusion.com, 
DocFinders:2426  and  2427).  In  reality,  the  grid  is  in  its  infancy  with  a  pri¬ 
mary  focus  on  computational  computing  and  a  secondary  focus  on 
database  computing.  The  yet-to-be-tackled  problem  of  transactional 
computing  —  the  major  form  of  computing  within  corporations  today 
—  is  still  in  its  earliest  research  phase  within  vendor  laboratories.  If  suc¬ 
cessful,  applying  the  grid  to  transactional  computing  will  forever 
change  the  course  of  computing  and  bandwidth  demand. 

The  grid  has  become  a  hot  topic  within  business  segments  such  as 
the  pharmaceutical,  financial  services  and  automotive  industries  look¬ 
ing  to  reduce  product  time  to  market,  lower  supplier  costs  and  com¬ 
petitively  price  services.  It  is  being  looked  at  as  an  IT  tool  to  simplify  cor¬ 
porate  structure  and  improve  employee  productivity. 

One  interesting  development  in  the  grid  is  that  many  business  seg¬ 
ments  have,  with  government  research  budget  assistance,  created  use¬ 
ful  grid  projects  in  the  university  environment. The  University  of  Penn¬ 
sylvania  has  implemented  a  significant  healthcare  application  that 
creates  a  data  grid  of  mammography-image  databases  that  will  let  pat¬ 
tern-matching  software  assess  millions  of  images  for  early  warning  and 
predictive  medicine  applicable  to  breast  cancer.  Purdue  University  and 
Indiana  University  are  creating  millions  of  “virtual  consumers”  using  a 
fiber-connected  grid  to  model  and  predict  consumer  reaction  to  prod¬ 
uct  introductions,  pricing  and  marketing  campaigns. 

The  success  of  the  investment  partnership  between  the  government 
and  universities  has  allowed  for  collaboration  of  computing  resources 
between  corporations  and  the  university  environment.  The  TeraGrid 
Project  links  distributed  research  laboratories  and  university  comput¬ 
ing  facilities  into  a  Gigabit  Ethernet-connected  computing  grid,  result¬ 
ing  in  a  13.6-teraflop  virtual  computer,  with  450  terabytes  of  storage, 
operating  as  a  Linux  open  computing  platform.  The  North  Carolina 
Bioinformatics  Grid  links  corporate  and  university  computing  and  stor¬ 
age  facilities  into  a  scalable  collaborative  life  sciences  environment 
within  the  state. 


Reality  strikes  the  grid 


Based  on  current  implementation  research, approximately  30%  of  the 
cost  of  grid  implementation  is  for  software.  The  use  of  Web  services  as 
an  application  and  database  integration  tool  begins  to  bring  full  focus 
on  the  limitations  of  current  intergrid  implementations.  By  definition, 
Web  services  are  described  using  XML.  A  number  of  problems  have 
come  to  light  in  current  Web  services  implementations,  the  first  and 
most  obvious  being  the  lack  of  security  The  good  news  is  that  new 
security  committees  in  standards  bodies  are  addressing  missing  links 
in  authorization, policy  trust  and  privacy  The  anticipated  set  of  new  Web 
services  security  standards  will  become  available  in  late  2003. 

The  second  problem  —  XML  overhead  —  is  viewed  as  a  network  and 
a  processing  issue. XML  encapsulation  of  datastreams  and  coordination 
conversation  might  create  network  latency  and  scaling  problems.The 
delays  XML  processing  introduces  within  the  server  also  might  create 
significant  quality  of  service  (QoS)  performance  problems  in  a  Web  ser¬ 
vices  application.  A  new  type  of  network  product  called  an  XML  accel¬ 
erator  addresses  the  problem.  This  is  a  processor  off-load  issue  that 
today’s  software  vendors  recognize  but  cannot  fully  address. 

The  third  problem  is  even  more  subtle  but  just  as  significant  —  XML 
denial  of  service  (DoS).  Malicious  coordinated  XML  traffic  flow  can 
create  serious  degradation  or  a  complete  breakdown  in  application 
and  database  processing.  This  is  a  problem  that  needs  greater  focus 
within  existing  and  potential  Web  services  implementations. Soon  to  be 
available  are  sophisticated  XML  network  security  product  that  identify, 
filter  and  eliminate  DoS  attacks. 

Grids  are  here  to  stay  but  they  and  Web  services  are  still  very  much 
emerging  technologies.  All  the  protocol  and  operational  problems 
encountered  in  the  widespread  use  of  IP  for  interoperability, scalability, 
QoS,  security  and  management  have  analogous  problems  in  the  XML 
world.  Ignoring  this  will  have  the  IT  industry  spinning  its  wheels  instead 
of  growing  at  a  rapid  pace  to  meet  the  productivity  and  cost  reduction 
demands  of  its  enterprise  customers. 


Grids  are  here  to 
stay,  but  they 
and  Web  services 
are  still  very 
much  emerging 
technologies. 


Dzubeck  is  president  of  Communications  Network  Architects,  an 
industry  analysis  firm  in  Washington,  D.C.  He  can  be  reached  at 
fdzubeck@commne  torch,  com. 
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networking  show*  Because  they  know 
they'll  get  an  up-close  look  at  the  very 
latest  networking  technologies, 
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Or  call  1-866-266-6389. 


[here  leaders  network 


C3MNET 


CONFERENCE  &  EXPO 


Flagship  Sponsor 

NetworkWorld 


www.comnetexpo.com 


©COMNET  Conference  &  Expo.  All  rights  reserved.  All  other  trademarks  contained  herein  are  the  property  of  the  respective  owners. 


Silver  Anniversary  Sponsor: 

Adirati 


9/30/02  NctworkWorld 


Here’s  what  you 
need  to  know  to  deploy 
Platform  for  Privacy  Preferences 


on  your  Web  site. 


BY  THOMAS  POWELL,  NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 


What  P3P  defines 

Who  is  collecting  data? 

Where  is  the  readable 
privacy  policy? 

What  data  is  collected? 

For  what  purposes  will 
collected  data  be  used? 

Is  there  the  ability  to  opt-in  or 
opt-out  of  some  data  uses? 

Who  are  the  data  recipients, 
including  anyone  beyond  the 
data  collector? 

To  what  information  does  the 
data  collector  provide  access? 

How  long  is  collected  data 
retained? 

How  should  privacy  disputes 
related  to  the  policy  be  resolved? 


The  rise  of  e-business  has  led  to 
a  tidal  wave  of  data  being  col¬ 
lected  about  Web  site  visitors, 
ranging  from  basic  informa¬ 
tion  to  rich  profiles  built  out  of 
user-submitted  forms.  However,  what  exactly 
is  collected,  shared  and  acted  on  isn’t  al¬ 
ways  evident  to  end  users.This  might  lead  to 
trust  problems  between  site  visitors  and  site 
owners,  resulting  in  loss  of  business  and 
even  legal  problems. 

Privacy  policies  are  meant  to  describe  what  a  company 
does  with  the  information  it  gathers  from  Web  visitors.The 
problem  is  todays  privacy  policies  are  often  difficult  to 
find,  are  overloaded  with  technical  jargon  and  legalese, 
and  are  just  plain  hard  to  understand.  It’s  no  wonder  that 
few  users  read  them. 

The  World  Wide  Web  Consortium’s  (W3C)  Platform  for 
Privacy  Preferences  (P3P)  1 .0  aims  to  give  users  more  con¬ 
trol  over  how  Web  sites  use  their  personal  information  by 
providing  machine-readable  privacy  information  that  lets 
them  act  on  what  they  see. 

Deploying  P3P  requires  converting  the  privacy  practices 
of  your  organization  into  P3P  format.To  do  this,  use  a  P3P 
editor  such  as  the  aptly  named  P3P  Editor  or  an  online  pol¬ 
icy  generator  such  as  P3P  Edit.These  tools  prompt  you  to 
answer  a  series  of  multiple-choice  questions  regarding 
major  aspects  of  your  site’s  privacy  policy  This  information 
is  used  to  generate  a  full  XML-based  P3P  policy  and  a  com¬ 
pact  policy  that  is  presented  as  a  simple  HTTP  header. 
When  a  P3P-aware  browser  such  as  Microsoft  Internet 


Explorer  6  or  Netscape  7  visits  a  Web  site,  it  will  attempt  to 
retrieve  the  P3P  policy  to  make  privacy  decisions.  The 
browser  looks  in  a  well-known  place  off  the  root  directory 
—  /w3c/p3p.xml  —  for  the  full  file  or  a  small  XML  file  or 
HTTP  headers  that  point  to  the  full  policy  The  P3P-aware 
browser  parses  the  policy  compares  it  with  privacy  require¬ 
ments  a  user  sets  in  his  browser  preferences,  and  either 
allows  access  to  the  site,  warns  the  user  or  restricts  access 
(see  graphic,  page  42). 

But  today,  most  P3P  implementations  do  not  generally 
operate  using  the  full  P3P  policy  Instead  browsers  such  as 
Internet  Explorer  6  and  Netscape  7  support  only  the  com¬ 
pact  policy  form  of  P3P 

The  compact  policy  focuses  primarily  on  cookie  usage 
with  a  short  set  of  keywords  transmitted  by  HTTP  head¬ 
ers.  Setting  the  HTTP  headers  can  be  accomplished  pro¬ 
grammatically  if  pages  are  generated  using  a  technology 
such  as  Active  Server  Pages,  PHP:  Hypertext  Preprocessor 
or  Java,  by  setting  a  server  configuration,  or  be  using  a  Web 
server  add-on. 

For  example,  in  the  case  of  Apache  you  might  use  the 
mod  headers  module,  while  on  Internet  Information 
Server, you  could  use  Microsoft  Management  Console  to 
set  HTTP  response  headers,  including  P3P  compact  policy 
values.  You  can  find  the  W3Cs  full  deployment  guide,  in¬ 
cluding  server  configuration  information,  at  wwww3.org/ 
TR/p3pdeployment. 

Once  a  P3P  compact  policy  is  set  and  issued  to  a  visitor, 
the  browser  compares  the  policy’s  privacy  statements  with 
the  user’s  cookie  acceptance  policy  and  reje'  rs.ck  me:.  •  >. 
modifies  the  properties  of  the  cookie 

Real-world  usage 

One  of  the  challenges  with  implementing  -T  is  s  ki’.-g 
sure  your  company’s  privacy  policy  is  weli-f ho-! ight  out, dis¬ 
cussed  and  accepted  internally  This  is  we!i  beyond  the 
realm  of  Web  administrators,  and  bridges  legal  and  busi¬ 
ness  issues  with  technology  However,  this  ;sn  mally  the 
biggest  problem  with  privacy  technologies  such  as  P3P  — 


plan 


Further  trust 
might  come 
from  use  of 
page  privacy 
seals. 


P3P  in  action 

Sites  that  use  P3P  let  Web  surfers  know  what  information 
is  being  collected  about  them  and  how  it  will  be  used. 


0  User  requests  page  with 
P3P-aware  browser. _ 


©  Web  server  fullfills  request,  returning 


page  along  with: 

Compact  policy 
transmitted  via 
HTTP  response 
headers,  and/or... 


...pointer 

...no 

to  full  P3P 

P3P 

policy  in 

data. 

XML,  or... 

©  Browser  inspects  response  and 
compares  with  user’s  privacy  and 
cookie  preferences,  warning  user  or 
rejecting  cookies  if  P3P  policy  is  non¬ 
existent  or  doesn’t  match  set  privacy 
levels.  Otherwise,  page  loads  normally. 


HTTP  1.1/200  OK 
P3P:  policy="privacy.xml" 
CP=“N0N  DSP  COR  CURa..." 


<META 

XMLNS="..."> 


<POLICY-REFERENCES> 


</POLICY-REEERENCES> 

</META> 

;  V  _ J 


□r 

c 

y 

Web  server 


it’s  considering  end  users  and  how  they  use 
technology  in  a  realistic  manner. 

Users  who  actually  rely  on  today’s  browser  P3P 
implementations  will  find  that  they  just  don’t  go 
far  enough.  While  they  allow  for  cookie  man¬ 
agement,  which  is  for  many  people  the  root  of 
the  privacy  question,  they  don’t  get  into  any  de¬ 
tailed  decisions  about  data  usage  or  provide 
much  information  to  end  users  about  what  types 
of  policy  practices  are  in 
place.  Web  surfers  might  want 
to  consider  using  a  P3P 
browser  add-on  such  as 
AT&T’s  Privacy  Bird,  which 
provides  more  complete  P3P 
policy  handling. 

During  everyday  testing,  the 
privacy  bird  icon  chirped  all 
the  time,  indicating  no  infor¬ 
mation  about  sites,  although  it 
did  caw  loudly  a  few  times 
when  it  found  sites  issuing  pri¬ 
vacy  policies  inconsistent  with 
the  set  privacy  preferences. 

With  so  few  sites  having  privacy  policies, some 
would  argue  that  P3P  provides  little  value  to  end 
users  at  this  point.  While  some  surveys  suggest 
that  upwards  of  25%  to  30%  of  major  sites  have 
privacy  policies,  a  survey  of  more  than  850,000 
sites  from  SecuritySpace.com  showed  that  less 
than  5%  of  them  have  compact  policies  —  the 
ones  that  would  actually  matter  today 

Even  when  policies  exist,  users  might  be 
skeptical.  According  to  a  recent  Harris  Inter¬ 
active  survey,  most  users  don’t  trust  online  cor¬ 
porations  to  handle  their  personal  information 
properly  and  would  like  to  see  third-party 
auditing  be  a  requirement  for  Web  sites.  Users 
worry’  that  companies  will  share  collected  per¬ 


sonal  data  with  others  or  that  information 
might  be  stolen  by  hackers  or  others,  poten¬ 
tially  resulting  in  identity  theft  or  annoyances 
such  as  unsolicited  e-mail. 

Trust  and  enforcement 

Today  various  “approved  seal”  organizations 
such  asTRUSTe  and  BBB  Online  help  improve 
the  data-handling  trust  problem.  Data-collecting 
sites  increasingly  post  privacy 
seals,  although  deployment  is 
not  ubiquitous.  What’s  more, 
such  programs  beg  the  ques¬ 
tion  of  whether  users  know 
and  trust  these  approving  or¬ 
ganizations,  and  if  these  orga¬ 
nizations  have  any  bite  with¬ 
out  legislation  in  place  to 
penalize  privacy  offenders.  So 
far  the  trend  seems  toward  in¬ 
dustry  self-regulation,  which 
suggests  that  freewheeling 
data  collecting  and  sharing 
can  continue  as  long  as  users 
are  supposedly  informed. 

To  decrease  risk  of  potential  legal  problems, 
monitor  adherence  to  your  firm’s  privacy  poli¬ 
cies  and  clearly  inform  employees  of  the  ramifi¬ 
cations  of  site  privacy.  All  too  often  privacy  poli¬ 
cies  are  crafted  by  a  small  number  of  people 
such  as  lawyers  or  site  builders,  but  other  em¬ 
ployees  who  come  into  contact  with  collected 
data  don’t  understand  the  privacy  policy  any 
more  than  a  site’s  visitors. 

Emerging  privacy  monitoring  and  auditing 
technology,  including  ZeroKnowledge  Enter¬ 
prise  Privacy  Manager,  Watchfire  Web  CPO  and 
IBM  Tivoli  Privacy  Manager,  might  help  you 
watch  internal  data  collection  and  usage,  but 


More  online! 


•  Find  out  what  other  privacy-related 
issues  worry  users. 

DocFinder:  2422 


they  will  never  provide  the  required  assurances 
to  make  sure  the  data  is  not  misused. 

It’s  a  good  idea  to  add  compact  P3P  policies  to 
your  sites  to  improve  user  trust.  But  in  the  final 
analysis,  understand  that  privacy  on  the  Web  will 
not  be  solved  solely  by  technologies  such  as  P3P 
Technology  will  only  provide  a  framework  in 
which  policies  can  be  presented.  Education  and 
enforcement  also  are  required. 

Powell  is  president  of  PINT,  a  San  Diego  Web 
services  firm,  and  the  author  of  numerous 
books  on  Web  development  practices.  He  can  be 
reached  at  tpowell@pint.com. 


■  Powell  is  also  a  member  of  the  Network 
World  Global  Test  Alliance,  a  cooperative  of  the 
premier  reviewers  in  the  network  industry,  for 
more  Test  Alliance  information,  including  what  it 
takes  to  become  a  member,  go  to  www.nwfusion. 
com/alliance. 


Other  members:  Mandy  Andress,  ArcSec.  John 

Bass,  Centennial  Networking  Labs,  North  Carolina 
State  University,  Travis  Berkley,  University  of 
Kansas.  Bob  Currier,  Duke  University.  Jeffrey 
Fritz,  West  Virginia  University.  James  Gaskin, 
Gaskin  Computing  Services.  Greg  Goddard. 
University  of  Florida.  Thomas  Henderson, 
ExtremeLabs.  Miercom,  Inc.,  Network  Consultancy 
and  Product  Test  Center.  David  Newman, 
NetworkTest.  Christine  Perey,  Perey  Research  & 
Consulting.  Barry  Nance,  Independent  Consultant. 
Joel  Snyder.  Opus  One. 
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Choose  your  weapons 

You  need  to  deploy  a  variety  of 
tools  to  secure  your  network 


Start  with 

Server  security  configuration  checklists  at: 

www.cisecurity.com 

www.microsoft.com/technet/itsolutions/security/tools/tools.asp 

http://httpd.apache.org/docs/misc/security_tips.html 

www.sun.com/security/blueprints/ 

Managed  vulnerability  scanning  services  from: 

Beyond  Security 
Foundstone 

Mercury  Interactive/Sanctum 

Qualys 

Ubizen 


The  new  rules  of  engagement  for  network 


Layer  in 

Intrusion-detection  systems  from: 


Blue  Lance 
Cisco 

Enterasys  Networks 
IntruVert  Networks 
NFR  Security 


security:  Trust  no  one,  authenticate  everyone, 
protect  important  data  wherever  it  is. 

■  BY  SUZANNE  GASPAR 


Symantec 

Tripwire 

Role-based/policy-based  controls  from: 

Entercept  Security  Technologies 
Entrust  Get  Access 
IBM  Tivoli  Access  Manager 
IBM  Access360  enRole 

Microsoft  Active  Directory  with  Kerberos  and  Group  Policy  Objects 
Netegrity  SiteMinder 
Oblix  NetPoint 
Okena 

Palisade  FireBlock 
PentaSafe  Security  Technologies 
RSA  Security  Clear  Trust 

Application  security  from: 

Ingrain  Networks 

Sanctum 

Ubizen 

Whale  Communications 


Top  off  with 

Trusted/hardened  opera 


fed/hardened  operating  systems  from: 

Argus  Systems  Group 
Hewlett-Packard 

Sun 


Security  used  to  mean  setting  up  a  fire¬ 
wall  as  a  perimeter  line  of  defense  with 
trusted  users  on  the  inside  and  untrust¬ 
ed  users  on  the  outside.  But  in  todays 
world  of  remote  workers,  trading  part¬ 
ners,  e-commerce  customers  and  inter¬ 
nal  hackers,  that  perimeter  line  has  been 
blurred  beyond  recognition. 

An  effective  security  strategy  needs  to  be  far  more 
flexible  and  sophisticated  than  just  posting  a  guard 
at  the  gate  to  your  network.  The  new  model  for  net¬ 
work  security  calls  for  protecting  data  wherever  it  is 
and  trusting  no  one  completely  wherever  they  are, 
according  to  security  experts. 

The  recommended  approach  is  to  classify  data 
based  on  its  importance  and  then  to  set  up  different 
layers  of  protection.  The  same  goes  for  users.  They 
need  to  be  classified  for  the  purposes  of  authoriza¬ 
tion  based  on  their  roles  and  their  need  to  access 
specific  applications.  And  the  network  needs  to  be 
divided  into  zones  based  on  trust  levels. 

There  are  a  variety  of  tools  at  your  disposal. 
Antivirus  software,  encryption  and  VPNs  can  scour 
and  shroud  your  data.  Passwords,  smart  cards  and 


policy  enforcement  software  can  guard  servers  and 
network  zones  from  unauthorized  access.  The 
strongest, yet  most  expensive,  armor  lies  in  trusted  or 
hardened  server  operating  systems. 

Once  the  tools  are  in  place,  you  need  to  monitor 
the  effectiveness  of  your  efforts  through  internal  traf¬ 
fic  monitoring,  logging  and  auditing,  which  can  pro¬ 
vide  pre-emptive  analysis  and  alerts  for  fending  off 
attacks. 

Policy  first 

A  secure  network  starts  with  a  policy  that  has  bud¬ 
get  support  and  executive-level  backing.  It’s  the  poli¬ 
cy  that  determines  the  architecture  and  infrastruc¬ 
ture  needed  to  secure  your  data.  It  defines  user  roies 
and  enforces  access  to  information. 

“Who  needs  access  to  what”  is  the  biggest  decision 
an  organization  needs  to  make, says  Doug  Jacobs*  m, 
CTO  for  Palisade  Systems,  a  security  device  manu¬ 
facturer  in  Ames,  Iowa. 

It  might  be  human  nature  to  trust  the  people  you 
hire,  Jacobson  says,  but  it’s  not  a  good  way  to 
approach  security  “The  tendency  is  to  give  more 
access  than  should  be,  either  because  its  easier  or 
because  somebody  asks  for  it,' he  says. 

Users  exceeding  their  level  of  access  is  a  major 
problem  that  affects  60%  to  75  >  of  companies  says 
Gartner  analyst  John  Pescatore. 

At  minimum,  companies  need  to  control  access 


NctworkWorld  9/30/02 


via  role-based  authorization  tools.  And  for  companies 
that  allow  network  access  to  business  partners,  contrac¬ 
tors  or  alliance  members,  these  controls  need  to  cross 
organizational  boundaries.  “Companies  can  get  burned 
when  their  business  partner  turns  into  a  competitoif 
Pescatore  says. 

“They  are  not  really  outsiders  because  they  have  a  trust¬ 
ed  door  on  your  network,”  Jacobson  says.  “If  they  are  a 
cause  of  a  problem,  intentional  or  unintentional,  policy 
can  say  to  sever  the  connection  or  have  varying  degrees 
of  reaction.” 

Policy-based  access  controls  can  limit  individual 
access  to  specific  servers,  applications  and  even  to  dif¬ 
ferent  documents  within  an  application. The  recent  ratifi¬ 
cation  of  the  XML-based  digital  signature  standard  and 
the  XML-based  encryption  standard  will  allow  access 
control  at  the  data  level  within  a  specific  document,  so 
that  some  of  the  data  fields  get  encrypted. 

“It  has  always  been  talked  about,  and  essentially  been 
impossible  to  do,”  Pescatore  says.  The  ability  to  encrypt 
specific  parts  of  a  document  previously  existed  only  in 
specialized  electronic-forms  applications.such  as  Adobe 
Acrobat,  and  has  not  been  possible  with  Microsoft  Word 
documents  or  Oracle  databases. 

Modern  security  architecture  is  about  letting  people  in, 
but  not  giving  them  more  access  than  needed,  says  Jeff 
Drake,  executive  vice  president  and  co-founder  of 
Access360,  an  Irvine,  Calif.,  software  manufacturer. 
“There’s  a  difference  between  granting  you  access  to  our 
sales  database  and  granting  access  to  specific  data  in  the 
database,”  he  says. 

Policy  needs  to  be  the  broad  umbrella  under  which 
role-based  access,  even  time-based  access  control,  can 
be  enforced,  Pescatore  says. 

Hardening  the  operating  system 

The  strongest  security  protection  available  today  is  a 
trusted  operating  system  or  software  used  to  harden 
operating  systems.  But  few  companies  have  been  willing 
to  harbor  the  expense  and  administrative  burden  of 
using  these  technologies  to  lock-down  data  and  systems. 

“Today,  it’s  government,  but  in  the  future  more  financial 
businesses  are  going  to  say, ‘Even  while  we  know  it’s  you 
on  the  network,  we  want  to  watch  what  you’re  doing,’” 
Pescatore  says. 

The  idea  of  not  trusting  trusted  users  is  gaining 
momentum  in  the  merchant  world.  Visa  is  ratcheting  up 
the  pressure  on  online  merchants  to  encrypt  specific 
types  of  information. Visa  also  is  sensitive  to  the  expense 
in  requiring  merchants  to  harden  all  server  operating  sys¬ 
tems  when  only  the  credit  card  numbers  are  its  concern, 
Pescatore  says.“Visa’s  saying  there’s  a  need  to  protect  spe¬ 
cific  information,  but  it’s  not  necessary  to  harden  every 


server  to  do  that,”  he  says. 

But  for  businesses  that  have  a  need,  a  trusted  operating 
system  or  a  hardened  operating  system  is  the  best  inter¬ 
nal  defense. These  systems  let  users  in  but  only  let  them 
access  certain  applications  or  files,  and  prevents  users 
from  making  unauthorized  changes. 

They  isolate  applications  at  the  operating  system  level 
to  eliminate  the  problem  of  a  hacker  taking  over  a  whole 
machine.  They  can  restrict  port  activity,  access  to  other 
systems,  and  essentially  will  let  you  define  the  limits  of  a 
program’s  actions. 

However  there  are  cost  and  other  issues  with  deploying 
trusted  and  hardened  operating  systems.  First,  there  is  an 
expense  because  you  need  to  install  the  new  operating 

"Who  needs  access 
to  what”  is  the 
biggest  decision  an 
organization  needs 
to  make. 

Doug  Jacobson 
CTO,  Palisade  Systems 


system  manually  on  every  server  and  update  it  when 
new  versions  are  released. 

And  staffers  need  to  be  trained  in  how  to  administer  a 
slightly  different  version  of  the  operating  system, 
Pescatore  says.  “When  a  new  version  of  an  application 
comes  out,  it  may  not  work  with  the  hardened  or  trusted 
version  of  the  operating  system,”  he  says. 

While  trusted  operating  systems  offer  good  security 
they  also  can  conflict  with  other  applications.  As  a  result, 
someone  might  decide  to  uninstall  the  trusted  software, 
Pescatore  says.  “I’m  the  Web  master,  and  my  pager  goes 
off  at  2  in  the  morning.  I  find  the  Web  server’s  down.  I  rip 
out  the  security  software  and  the  Web  server  works 
again,”  he  says. 

A  firewall  on  every  server 

A  lower-cost  option  is  to  deploy  firewalls  that  are  inte¬ 
grated  into  the  operating  system.  Multiple  firewalls  and 
network  zones  can  be  deployed  to  protect  access  to 
internal  network  resources. 


The  impending  launch  of  Web  services  will  require 
companies  to  make  their  internal  networks  more  secure. 
“If  you  think  about  it.  what  Microsoft  .Net  and  what 
SunONE,  all  these  Web  services,  are  doing,  is  making  it 
easier  for  an  application  inside  the  firewall  to  talk  to  an 
application  outside  the  firewall,”  Pescatore  says.  “That 
connection  going  through  the  firewall  means  it's  landing 
on  some  internal  server,  and  that  server  better  be  secure." 

Microsoft  might  need  to  make  its  own  operating  system 
more  secure, and  just  like  Solaris9  now  ships  with  a  built- 
in  firewall,  Microsoft  .Net  also  might  be  shipped  with  a 
firewall  built  in  to  the  operating  system,  he  says. 

Having  a  firewall  built  into  the  operating  system  means 
you  can  have  a  firewall  on  every  server,  and  that’s  less 
expensive  than  putting  a  firewall  in  front  1,000  servers  at 
a  cost  of  $5  million.  The  cost  of  a  firewall  built  into  an 
operating  system  is  negligible,  Pescatore  says.“Solaris9  is 
the  same  price,  but  it  just  has  a  firewall  built  in,”  he  says. 

A  built-in  firewall  is  similar  to  deploying  a  trusted  or 
hardened  operating  system  because  it  provides  integrat¬ 
ed  management  of  the  operating  system  and  the  firewall. 
It’s  different  because  firewalls  focus  on  protocols  and 
connections,  and  less  on  software  running  on  the  server. 

Zone  defense 

Segregating  critical  resources  into  network  zones  is  a 
common  security  practice  for  assigning  different  privi¬ 
leges  and  controls.  Christophe  Huygens,  CTO  for  Ubizen 
which  offers  managed  and  application  security  services, 
says  most  companies  typically  establish  four  zones:  an 
untrusted  external  segment,  a  completely  trusted  inter¬ 
nal  segment  and  two  boundary  zones  where  information 
is  served  up  to  the  outside  world  via  Web  servers,  mail 
gateways  and  domain  name  servers. 

The  zone  that  needs  top  security  gets  trusted  operating 
systems,  the  moderate  security  zone  gets  policy  enforce¬ 
ment  software,  at  the  very  minimum.  But  firewalls  and 
trust  zones  need  to  be  employed  on  the  internal  network 
in  conjunction  with  monthly  vulnerability  assessments, 
Pescatore  says. 

“We’re  advocating  that  companies  consider  managed 
services  to  perform  vulnerability  scanning  on  a  daily 
basis,”  he  says.  Companies  tend  to  scan  internal  servers 
less  when  they  are  inside  the  firewall. 

“That’s  been  a  major  issue  because  there’s  so  many 
servers,”  he  adds. 

It  comes  down  to  money  and  a  decision  on  whether 
the  cost  of  compromised  data,  such  as  stolen  credit  card 
numbers,  justifies  the  expense  of  implementing  strong 
security  measures,  says  Jacques  Hale,  a  Butler  Group 
Associate  analyst. “Security’s  not  cheap,  but  there’s  a  cost 
in  not  having  it,”  he  says.  ■ 
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Six  tactics  to  minimize  internal  security  risks 

■  '  '  ■  '  »  tV- 

Assign  Arm  Control  Employ  Monitor  Update 

administrative  laptops  with  data  access  with  host-based  and  internally  for  and  test  application 

rights  to  multiple  personal  firewalls,  policy,  zones  and  network-based  unauthorized  Web  patches;  validate 

staff;  perform  VPNs,  authentication  firewalls,  encryp-  intrusion-detection  and  FTP  servers,  configuration 

background  software  and  tion  and  trusted  or  systems  on  peer-to-peer  file  changes;  compare 

checks;  apply  encryption.  hardened  operation  internal  systems,  sharing  and  file  alerts  data  to  log 

logging  and  systems.  servers  and  altering.  data, 

auditing.  desktops. 
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uaaa  software 

SELF 

HEALING 

PLAY 


BOY  BAND  SINGS 
UNEXPECTED  HIT 


1  ]  WIN  WITH  SELF-MANAGEMENT:  Whether  it’s  boy  bands  or  rubber 
bands,  software  that  effectively  manages  an  e-business  is  essential.  But 
software  that  corrects  problems  before  they  occur?  That’s  extraordinary. 


2]  WIN  WITH  TIVOLI:  Unlike  other  solutions  that  tell  you  you’ve  violated 
a  service  level  agreement  after  the  fact,  Tivoli  software  detects 
trends  and  makes  adjustments  before  things  go  awry.  Tivoli.  Part  of  our 
software  portfolio,  including  DB2?  Lotus®  and  WebSphere® 


3]  MAKE  THE  PLAY:  Visit  ibm.com/tivoli/unexpected  and  download 
a  free  buyer’s  guide  on  how  to  meet  your  service  level  agreements. 
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In  through  the  out  door 


John  Taylor,  chief  technologist  for  DuPont's  IT  department  in  Wilmington.  Del., 
wants  to  turn  his  network  inside  out. 

Like  most  IT  executives  who  focus  on  security.  Taylor  faces  a  dilemma.  He  needs 
to  let  outsiders,  such  as  business  partners,  access  his  network  servers.  He  also 
needs  to  provide  easy  access  to  tlie  network  for  employees  who  are  working  out¬ 
side  the  firewall. 

But  if  his  network  defenses' are  porous,  how  does  he  keep  out  viruses?  How  does 
he  keep  out  hackers?  How  does  he  keep  employees  inside  the  firewall  from  open¬ 
ing  executable  files  that  wreak  havoc? 

One  radical  fix  might  involve  putting  all  the  client  desktops  on  the  Internet, 
Taylor  says.  By  putting  everybody  on  the  outside,  network  security  becomes  con¬ 
ceptually  easier  because  the  whole  notion  of  the  insider  goes  away. 

Taylor  emphasizes  that  this  idea  is  still  in  the  planning  stages.  “We  have  a  dis¬ 
tinctive  approach  under  study.  We  are  figuring  out  what  it  will  take  to  roll  it  out,” 
he  says. 

More  than  half  of  DuPont’s  65,000  PCs  are  portable,  and  they  already  go  outside 
the  perimeter  for  legitimate  business  purposes. 

Those  laptops  are  equipped  with  VPN  software  from  Aventail  to  ensure  a  secure 
connection  while  the  devices  are  remote.  But  viruses  can  infect  the  laptop  and 
begin  to  spread  when  the  user  connects  back  at  the  office. 

“I  am  potentially  exposing  myself  to  the  risks  of  pathogens  that  1  can  carry  back 
in  to  the  office,”  Taylor  says.  “It  is  potentially  lethal  stuff  coming  from  all  over  the 
place." 

Putting  all  the  desktops  on  the  Internet  simplifies  enterprise  security  because 
there  aren’t  any  outbound  requests  going  through  the  perimeter,  just  inbound 
requests,  Taylor  says.  Traffic  is  limited  to  only  what  the  servers  expect,  which  cre¬ 
ates  a  more  manageable  situation  and  a  stronger  security  policy. 

“You  essentially  face  two  choices,  separate  desktops  from  servers  or  create  a  pri¬ 
vate  network  for  the  desktops,  another  for  your  servers  and  then  apply  security,” 
he  says. 

Taylor  says  managing  two  private  networks  is  unaffordable.  But  because  the  bulk 
of  his  desktops  already  visit  the  Internet  anyway,  his  strategy,  if  implemented, 
would  be  to  cut  the  LAN  cables  between  desktops  and  servers  and  provide  the 
desktops  with  added  security  features  such  as  personal  firewalls,  antivirus  and 
VPN  software,  and  RSA  Security  SecurlD  tokens  for  authentication. 

Taylor  understands  that  this  model  might  not  be  popular  with  users,  who  would 
need  an  increased  level  of  technology  know-how  because  they  would  be  required 
to  manage  their  personal  firewall  and  to  pass  through  new  authorization  and 
access  control  gateways. 

“You  might  think  of  it  as  a  new  form  of  literacy.  In  a  wired  society  then 
acy  requirement  to  maintain  your  own  safety,”  Taylor  says. 

He  says  IT's  task  would  be  to  make  the  outsider  experience  for 
network  just  as  easy  as  it  was  when  users  connected  directly  ov 
cable.  “We  can’t  afford  to  have  a  personal  mechanic  on  the  help 
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user.  We’d  want  to  reduce  that  cost  to  zero,”  he  says. 

Christophe  Huygens,  CTO  for  Ubizen,  says  Taylor ’fc 
tltene  are  some  serious  obstacles.  \  |§ 

First,  personal  firewalls,  encryption  software  and,  other  sec- 
formed  on  an  end  user's  desktop  can  be  intrusJvejOotS  of 
example)  and  can  use  up  a  significant  amount£inet 
the  computer. 

“It’s  difficult  to  build  a  secure  desktop,  ar] 
stays  in  place,"  Huygens  says. 

Then,  there’s  the  whole  issue  of  mauagen 
would  perform  tasks  such  as  simple  s 
Microsoft  or  Tivoli  Systems  management 
directly  connected  to  the  IAN  manage 
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John  Taylor,  chief  technologist 
at  DuPont,  is  looking  into  a  dif¬ 
ferent  approach  to  security  by 
putting  all  the  client  desktops 
on  the  Internet. 


DuPont  is  considering  taking  65,000  desktops  off  the  corporate  LAN 
and  requiring  end  users  to  access  the  network  through  a  VPN. 


O  SOHO  and  mobile  users 
access  the  network  via 
a  token  authenticated, 
client  initiated  VPN  with 
a  predetermined 
timeout  period. 


0  Desktops  are  equipped  with  personal  ©  Every  printer  is 
firewalls,  antivirus  software  and  client  networked  and 
VPN  software.  Desktops  access  the  capable  of  printing 

network  via  the  VPN.  encrypted  jobs. 
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INTEGRATION 

PLAY 


1]  WIN  WITH  INTEGRATION:  Nothing  fishy  about  it.  For  an  e-business 
to  thrive,  all  your  business  processes,  from  supplier  to  customer,  must 
work  together  seamlessly.  It’s  the  key  to  a  profitable  infrastructure. 

2]  WIN  WITH  WEBSPHERE:  As  the  world’s  #1  integration  software, 
WebSphere  is  the  leading  software  platform  for  integrating  business 
processes,  applications,  platforms  and  people.  WebSphere.  Part  of 
our  software  portfolio  including  DB2?  Lotus®  and  Tivoli.® 

3]  MAKE  THE  PLAY:  Visit  ibm.com/websphere/integrate  and 
see  a  Webcast  on  how  WebSphere  can  help  cut  integration  costs. 
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Don’t  try  this  at  home . . . 

IT  pros  have  an  unusual  take  on  getting  respect  from  the  company. 


■  BY  GEORGE  NEZLEK,  MARGARET  ANN  JORDAN  AND  FREDRIC  GOLMAN 

For  those  who  escape  the  office  long  enough  to  watch  television, 
most  are  familiar  with  the  disclaimer  that  scrolls  by  during  auto¬ 
mobile  commercials:  “Professional  driver  on  closed  course  —  do 
not  attempt  these  maneuvers”  or  something  like  that.  With  so  much 
of  our  lives  defined  by  specialists  we  rely  on,  why  do  so  many  oth¬ 
erwise  intelligent  executives  utterly  ignore  their  IT  experts? 


that  must  have  been  the  effect  of  one  too 
many  cybermartinis.  Because  solution 
providers  can  make  money  only  when 
you  buy  something  from  them,  many 
organizations  find  themselves  under 
increasing  pressure  from  so-called  solu¬ 
tion  providers/enterprise  partners/etc. 
(whatever  happened  to  vendors?)  to 
make  growing  numbers  of  shelfware 
(that’s  stuff  you  buy  but  didn’t  need,  so  it 
winds  up  on  the  shelf)  purchases  in  ever- 
shrinking  time  frames. To  the  uninitiated, 


It’s  gotten  so  bad  that  a  Network  World 
columnist  went  so  far  as  to  suggest  that  IT 
professionals  might  be  using  the  request 
for  proposal  process  to  slow  the  relentless 
march  of  IT  progress  (see  www.nwfusion. 
com,  DocFinder:  2421).  Well,  after  a  few  vir¬ 
tual  cocktails  in  cyberspace, we  think  we’ve 
figured  out  why  this  is. 

Surely,  it  all  began  with  calling  them 
“personal”  computers.  Yes,  the  machines 
fit  on  your  desktop  and  actually  can  be 
used  by  one  person  at  a  time.  But  we  are 
drowning  in  individuality.  How  many  dif¬ 
ferent  kinds  of  clip  art  are  needed  to  dress 
up  a  memo?  And  —  darn  —  Minesweeper 
and  Freecell  aren’t  really  productivity 
applications  after  all. 

Although  most  of  us  managed  to  survive 
the  desktop  computing  onslaught,  there’s 
a  whole  new  invasion  of  devices  such  as 
PDAs  that  end  users  think  of  as  individual 
purchasing  decisions.  They  don’t  need 
your  help  until  a  few  hours  later,  when  the 
thing  “needs”  to  synchronize  with  the  cor¬ 
porate  calendar  system.  These  devices 
pose  an  ever-greater  challenge  to  the 
unfortunate  souls  responsible  for  coordi¬ 
nation,  integration  and  upgrades.  And  we 
shudder  to  think  about  wireless  LANs. 

It's  not  difficult  to  imagine  how  many  IT 
executives  wish  they  could  institute  some 
purchasing  guidelines  for  their  fellow  vice 
presidents’ Sunday  afternoon  trips  to  some 
electronics  boutique  that  will  inevitably 
create  a  new  layer  of  complexity  for  corpo¬ 
ratewide  applications. 

The  next  challenge  for  IT  folks  is  to  get 
around  the  vendors.  Increasingly  upset 
with  IT  departments  rejecting  their  over¬ 
tures  on  the  basis  of  finding  no  compelling 
technical  reason  to  buy  the  “next  great 
thing.'  vendors  often  direct  their  attention 


to  non-IT  groups.  The  goal  is  to  sidestep 
competent  evaluations  and  get  their  prod¬ 
uct  stuffed  down  some  poor  IT  director’s 
throat. This  is  hardly  a  new  strategy  on  the 
part  of  vendors,  but  historically  many  non- 
IT  folks  were  at  least  willing  to  accept  the 
rationale  that  a  given  product  simply  didn’t 
fit  into  the  strategic  plan. 

We  even  briefly  fantasized  that  some  IT 
“solution  providers"  actually  might  refer 
to  the  goods,  service  or  whatever  they  sell 
as  a  “product”  rather  than  a  “solution,”  but 


what  appear  to  be  excess  RFP  requests 
slowing  things  down  may  simply  be  a  way 
to  buy  some  time  to  make  coherent  tech¬ 
nology  acquisition  decisions. 

Intoxicated  by  our  analysis,  we  then  won¬ 
dered  what  organizations  actually  might 
DO  to,  well,  deal  with  these  problems. 
Admittedly,  these  recommendations  will 
betray  our  inebriation  but  we’ve  decided  to 
share  them  anyway. 

•  Start  with  a  viable  strategic  plan.  This 
could  even  be  one  that  might  extend 


beyond  the  next  two  or  three  reporting 
periods.  We  love  the  TV  commercial  featur¬ 
ing  the  two  consultants  who  deliver  their 
recommendations  to  the  CEO  who  tells 
them  to  go  and  implement  them.  Their 
response  is  that  they  only  make  recom¬ 
mendations  and  don’t  know  how  to  actual¬ 
ly  do  anything. 

Assuming  there  could  be  a  real  plan  (as 
opposed  to  one  crafted  by  a  consulting 
firm  that  is  now  in  Chapter  11)  and  it’s 
includes  live,  real  document  that  has  mea¬ 
surable,  realistic  goals  and  some  sort  of 
road  map  to  achieving  them,  the  great 
heresy  will  be  to  let  IT  management  in  on 
“the  secret”  of  what  the  strategic  plan 
actually  IS.  It’s  amazing  how  often  this 
does  not  happen. 

•  Hire  IT  staff  the  organization  actually 
can  TRUST  to  make  appropriate,  well- 
informed  decisions  about  IT  and  how  it 
relates  to  the  strategic  plan.  It  admittedly 
gets  preposterous.  We  figured  if  there  was  a 
plan,  and  IT  management  actually  knew 
about  it, and  the  organization  actually  trust¬ 
ed  them,  it  would  be  possible  to  let  them 
make  decisions  that  are  not  subsequently 
circumvented  because  some  senior  non-IT 
executive  had  a  luncheon,  golf  game,  the¬ 
ater  tickets,  weekend  at  a  resort,  etc.,  at 
some  vendor’s  expense. 

•  Don’t  assign  false  blame. Sobriety  began 
to  rear  its  ugly  head  when  we  considered 
what  might  happen  if  our  talented, 
informed,  empowered  IT  management 
should  make  unacceptable  decisions. 
Some  basic  notion  of  accountability  would 
suggest  that  organizations  should  get  rid  of 
them  (as  opposed  to  reassigning  them  to 
maintenance  coding),  but  it  just  plain  isn’t 
fair  to  hold  their  feet  to  the  fire  for  someone 
else’s  bad  choices. 

Hey,  forget  about  the  plan. The  vice  pres¬ 
ident  of  marketing  says  the  guys  at  that 
new  software  store  want  to  take  us  out  for 
drinks! 

Nezlek  is  assistant  professor  of 
Information  Systems  at  Loyola  University 
in  Chicago,  Jordan  is  an  independent  con¬ 
sultant,  and  Golman  is  president  of 
Internet  Television  Network.  They  can  be 
reached  at  gnezlek@wpo.it.luc.edu,  mjor 
dan  I  l7@aol.com  and  fgolman@intv.net, 
respectively. 
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Finally  -  the  missing  piece! 


Today's  ever-growing  data  centers  make  it  harder 
than  ever  to  get  hands-on  control  of  all  your  servers 
and  network  devices.  Now  you  can  have  direct 
access  to  every  device  in  your  data  center  from  any 
location,  all  from  a  single  screen.  Manage  and  maintain 
servers  in  your  local  rack  or  across  the  world. 


Total  system  control  over  analog  or  IP  connection 
means  complete  ‘at  the  computer’  troubleshooting 
from  anywhere. 

Now  it’s  all  falling  into  place.  Avocent’s  advanced 
analog  and  digital  KVM  solutions  -  the  perfect  fit 
for  the  server  room  and  enterprise. 


For  the  complete  picture,  download  a  free  KVM  Tech  Guide  today  at 
www.kvmguide.com  or  call  1 -866-AVOCENT  (286-2368),  ext.  3006. 


Avocent,  the  Avocent  logo.  “The  Power  ol  Being  There”,  “KVM  over  IP”,  DSR.  DSView,  DS1800,  and  CPS  are  trademarks  of 
Avocent  Corporation.  Alt  other  marks  are  the  property  of  their  respective  owners.  Copyright  ©  2002  Avocent  Corporation. 
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Remote  Console  Management  Solutions 


H 


Access  Serial  Console  Ports...  from  Anywhere! 


OUT-OFBAND  +  TELNET 


■  Multi-Session  Telnet 

■  8, 16  or  32  Port  Models 

■  Non-Connect  Port  Buffering 

■  AC  and  -48VDC  Power  Options 


OUT-OF-BAND  +  MODEM 


■  Internal  33.6  Kbps  Modem 

■  Seven  DB-9  Serial  Ports 

■  Any-to-Any  Port  Switching 

■  Co-Location  Password  Features 


OUT-OF-BAND 


■  4,  8  or  16  Port  Models 

■  Port  Specific  Passwords 

■  Safe  “Break”  Features 

■  Datarate/Flow  Control  Conversion 


s  1  -  .  .  ,,  ^ 

WTI's  family  of  remote  site  management  products  allows  network  administrators  to  manage  network  elements  located  anywhere.  WTI  designs  and  manufactures  in- 
band  and  out-of-band  console  and  terminal  switches,  remote  reboot  and  power  management  solutions,  rack  mounted  modems  and  automated  A/B  Fallback  Switches. 


■  Features  included  in  all  Console  Switches 
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Eliminate  Dangerous 
Hot  Spots  in  Your  Racks 


Introducing  APC's  New  NetworkAIR™  RM  Air  Distribution  Unit 


Benefits  of  APC's  Air  Distribution  Unit: 


As  heat  densities  continue  to  grow  at  an  alarming  rate,  the  traditional 
methods  of  distributing  air  in  a  computer  room  aren't  adequate  to  deliver 
the  necessary  airflow  required  to  cool  today's  data  center  environments. 


APC  presents  the  NetworkAIR  RM  Air  Distribution  Unit,  a  compact 
2U  rack-mounted  fan  unit  that  works  with  an  existing  precision  air 
conditioning  system  to  deliver  cool  air  to  the  equipment  contained  in 
a  rack  enclosure.  An  air  curtain  is  evenly  distributed  to  the  front  of  the 
enclosure  which  provides  consistent  temperatures  from  top  to  bottom. 


Visit  www.apc.com  to  see  APC's  complete  line  of  award-winning  power 
and  cooling  solutions. 


•  Increases  airflow  to  rack  equipment 


•  Works  in  both  raised  floor  and  non-raised  floor  environments 


•  Compact  2U  design 


•  Minimizes  air  mixing 


•  Helps  maintain  optimal  environment  for  high  reliability 


•  Improves  air  quality  through  30%  efficient  air  filtration 

(as  per  the  ASHRAE  52.1-1992  standard) 


•  Evenly  distributes  cool  air,  improving  air  circulation 
inside  the  rack 

•  Ensures  maximum  uptime  with  redundant,  dual,  indepen¬ 
dently  controlled  blower  fans  and  A-B  power  input  feeds 

•  Fits  APC's  NetShelter®  VX  enclosure  or  other  19" 
EIA-310-D  enclosures  with  removable  bottom  plates 


The  compact  (2U)  Air 
Distribution  Unit  installs 
at  the  bottom  of  the  enclosure  and  sup¬ 
plies  an  air  curtain  to  the  intakes  of  equip¬ 
ment  located  within  the  enclosure,  evenly 
distributing  cool  conditioned  air  throughout. 


Visit  APC  at  IntemetWorid  booth 


#858 


Enter  to  WIN  a  FREE  NetworkAIR™  RM  Air  Distribution  Unit 

Visit  APC's  Web  site  at  http://pr0m0.apc.com  Enter  Key  Code  g478y  Call  888-289-APCC  x6477  Fax  401-788-2797 

©2002  American  Power  Conversion  Corporation.  All  Trademarks  are  the  property  of  their  owners.  NA2A2BF-USa 
E-mail:  esupport@apcc.com  •  132  Fairgrounds  Road.  West  Kingston,  Rl  02892  USA 
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UltraLink  sets  a  new  standard  in  remote  management  of  server  room 
environments.  It  saves  you  money  by  allowing  you  to  centralize  your  IT 
resources.  Since  it  does  not  depend  upon  software  loaded  on  your 
computers,  it  deploys  easily  and  works  on  any  operating  system,  such 
as  Windows,  Linux,  Solaris,  Unix,  or  OSX. 

The  UltraLink  digitizes  the  remote  computer's  video.  It  then  scales, 
compresses,  encrypts,  and  packetizes  it  into  the  TCP/IP  protocol.  At 
your  PC  the  free  Viewer  application  receives  and  displays  the  video  and 
sends  back  keyboard  and  mouse  data.  This  process  allow  you  to  access 
remote  computers  from  anywhere. 

Rose  is  a  leading  manufacturer  of  switching,  extension,  and  access 
products.  As  a  KVM  industry  pioneer,  Rose  is  known  for  its  technically 
superior  and  price  competitive  products. 

Join  the  ranks  of  many  successful  companies  using  UltraLink,  call  Rose 
to  learn  more  about  KVM  Access  over  IP  as  well  as  KVM  Switches  and 
Extenders. 


■  Connects  to  standalone  computers  or  any  KVM  switch 

■  High  quality  16-bit  video  at  up  to  1280x1024  resolution 

■  Easy  to  install,  give  it  an  IP  address  and  run  the  Viewer 
program,  no  user  license  required 

■  Encrypted  communication  produces  highly  secure  operation 

■  Scaling  and  scrolling  features  for  maximum  flexibility 

■  Single  mouse  cursor  simplifies  user  interface 

■  See  four  servers  from  one  screen  with  quad  screen  mode 

■  Lifetime  free  flash  upgrades 


WWW.ROSE.COM 


USA  toll  free  800  333  9343 
ROSE  US  281  933  7673 
ROSE  Europe  +44  (0)  1264  850574 
ROSE  Asia  +617  3427  5353 


Rose  Electronics 
10707  Stancliff  Road 
Houston,  TX  77099 
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There  Is  A  Better  Way  To  Troubleshoot  &  Manage  Your  Network 


OBSERVER 


OBSERVER 


Quickly  Pinpoint,  Pre-solve  & 
Prevent  Network  Problems 


Expert 
Observer 
$ 2895 


Observer 

Suite 

s3995 


Observer® — Quickly  identifies  network 
trouble  spots  and  costs  thousands  less  than 
expensive  hardware-based  analyzers. 
Observer  provides  metrics,  capture,  and 
trending  for  both  shared  and  switched 
environments. 

•  Full  packet  capture  and  decode  for  over 
500  protocols,  including  TCP/IP  (v4  &  v6), 
NetBIOS/NetBEUI,  XolP,  SNA,  SQL,  IPX/SPX, 
Appletalk  and  many,  many  more! 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
capture/statistics  from  any  port(s) 

•  Long-term  network  trending  collects 
statistical  data  for  days,  weeks,  months, 
even  years 

•  Real-time  statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics,  and 
Efficiency  History 

•  Ethernet  (10/100/Gigabit),  Token  Ring, 
FDDI,  and  Wireless  802. 1 1 — no  need  to 
purchase  separate  tools 


•  Windows ®  98/Me/NT/2000/XP  compatible 

•  Over  4,000  frame  types  recognized 

Expert  Observer — Identifies  problems  and 
provides  Expert  information  in  plain  English. 

Includes  all  of  the  features  of  Observer  plus 
real-time  and  post-capture  expert  event 
identification  and  analysis — new  SQL  and 
Frame  Relay  experts  add  to  the  many  other 
protocols  covered,  time  synchronization 
technology,  and  modeling  of  network  traffic. 

Observer  Suite — The  ultimate  tool  for 
the  most  demanding  power  user. 

Provides  a  full  complement  of  tools  that 
includes  all  of  the  features  of  Expert 
Observer  plus  SNMP  management,  RMON 
console/Probe  and  Web  reporting.  Includes 
one  remote  Probe. 

If  you  have  any  network  problems,  find 
out  the  cause  with  Observer,  Expert 
Observer,  or  Observer  Suite. 


NETWORK 


Call  800-526-7919  or  visit  us  online  for  a  full-featured  evaluation: 

www.NETWORKINSTRUMENTS.com 

US  (952)  932  9899  •  fax  (952)  932-9545  •  UK  &  Europe  +44  (0)  1959  569880  •  Fan  +44  (0)  1959  569881 

©2002  Network  Instruments,  LLC.  Observer,  “Network  Instruments"  and  the  “N  with  a  dot"  logo  are  registered  trademarks  of  Network  Instruments.  LLC. 
All  other  trademarks  are  property  of  their  respective  owners. 
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ww.cyclades.com/nw 

1  -888-CYCLADES  1-888-292-5233 
510-770-9727 
sales@cyclades.com 
Fremont,  CA 
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9  Sentry  POWER  TOWER  :  Your  Zero  U  Reboot  Solution 


16  remotely  addressable  power  outlets  — 
The  highest  density  available  of  any 
Remote  Power  Management  vertical  strip. 

30-amp  power  input  feed  distributed 
across  16  outlets. 

Mounts  vertically  in  your  equipment  rack  or 
cabinet  and  requires  Zero  U  of  rack  space. 

Load  Sense  provides  real-time  current 
monitoring  in  the  remote  screen  interface 
and  through  a  built-in  LED  display  for  on¬ 
site  measurement. 

Power-up  sequencing  of  all  16  outlets 
prevents  an  in-rush  current  overload. 

Telnet,  SNMP,  Modem  or  RS-232  interfaces  for  easy, 
practical  and  secure  power  management  of  remote 
internetworking  equipment. 


Install  the  new  Sentry  Power  Tower  in 
your  data  center,  NOC  or  co-lo  facility 
and  gain  the  advantage  of  remotely 
rebooting  up  to  16  of  your  equipment 
units  without  occupying  any  space  in 
your  rack  or  enclosed  cabinet. 
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Try  the  New  Sentry  Power  Tower  in  your 
rack  or  cabinet  and  realize  the  benefits 

•  \ 

of  Intelligent  Power  Distribution  and 
.  Remote  Power  Management. 

•  our  complete  product  line  at  www.servertech.com 
all  800.835.1515  or  775.284.2000 


Another  Qrest  product  from 

Server  Technology,  Inc. 
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SilentRunner  3  0 
SilentRunner.  Inc 
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SilentRunner  is  the  lens  into  your  network  providing 
the  only  network  security  solution  that  applies 
state-of-the-art  analysis,  correlation  and 
3-D  visualization  software  to  network  security 
analysis  -  exposing  threats  and  abuses  that  just 
can’t  be  seen  with  standard  security  technologies. 


For  your  free  Technical  White  Paper, 
visitwww.silentrunner.com 

or  call  800.842.2366  today. 


SilentRunner 

A  Raytheon  Company 


1 7 "  TFT  1 U  RACK  MOUNT  DISPLAYS 


Adjustable  length  ball 
bearing  slides. 

Also  in  black  and  with 
locking  front  panels, 
in  the  USA. 
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With  Keyboard  and  Trackball 


17”  Display  Only 


rd  and  Touchpad 


1-800-729-7654 

Web:  www.recortec.com 
Email:  sales@recortec.com 

RECORTEC,  IIMC. 

1 620  Berryessa  Road  San  Jose,  Ca  951 33 
Tel:  (408)  928-1480  Fax:(408)729-3661 


NetworkWorld's 


The  Hub  of  the  Network  Buy 


Marketplace 


Q/Qn  no 


02  IS 


-1000 


New  kid  on  the  block? 


The  GB-1000  Firevvall/VPN  appliance  is  powered 
by  the  GNAT  Box  System  software  -  the  original, 
small  footprint,  high  performance  firewall  system  first 
introduced  in  1996.  The  GB-1000  is  deployed 
worldwide  by  organizations  that  desire  rock-solid 
operation  and  the  best  price/performance  ratio  on  the 
market  today. 

The  GB-1000  has  many  standard  features  including 
IPSec  VPN,  DNS  server,  failover  routing  and  DHCP 
services.  Optional  features  such  as  high  availability  and 
24x7  support  are  also  available. 


Visit  our  web  site,  email  or  call  for 
more  information. 


Firewall  Appliance 


«es,  lnc 


Years:  10 

GTA  has  10  years  experience  in  developing  quality  software.  Since  1994,  GTA  has  been 
producing  solid,  dependable,  ICSA  certified  firewalls,  with  a  powerful  feature  set  at  an 
affordable  price. 

NICs:  4+ 

The  GB-1000  standard  configuration  includes  4  built-in  10/100  NICs.  Expansion 
options  allow  the  addition  of  up  to  4  more  NICs,  including  Gigabit.  Each  NIC  is  fully 
addressable,  allowing  flexible  configuration. 

Users:  00 

The  GB-1000  has  an  unlimited  user  license  and  supports  128,000  concurrent 
connections.  Our  powerful  dynamic  network  address  translation  technology  and 
stateful  packet  inspection  engine  provide  all  users  with  transparent  Internet  access  and 
proven  network  security. 


Global  Technology  Associates,  Inc. 

1-800-775-4GTA  •  www.gta.com  •  info@gta.com 
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Self-Paced  Computer  Training 


This  is  the  way  to  leant!" 
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ecurity+ 

Training 


Media-Rich  Content 

•  Challenging  Labs 

•  Comprehensive  Tests 

•  Practical  &  Proven 
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Security+  Certification  $265*reg  $355 

Introductory  Offer!  Limited  Time!  ~ 


15  Year  Anniversary  Savings! 

Network + 

4  Sessions 

$ 

265 

reg  $  355 

i-Net+ 

5  Sessions 

$ 

315 

reg  $  425 

Windows  XP  Professional 

6  Sessions 

$ 

370 

reg.  S  495 

Windows  2000  Network  Security  Design 

3  Sessions 

$ 

195 

reg  $  265 

Cisco'  MCNS 

6  Sessions 

$ 

710 

reg.  *  945 

NETWORK  •  ONLINE  •  CD-ROM  •  VIDEO 
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ViGO. 


Business  Quality  Videoconferencing 
for  less  than  $700. 


For  more  information  about  ViGO,  call  1-800-418-5328. 


VCON 

VISUAL  COMMUNICATIONS 


www.vcon.com 
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Cisco  Router 
and  Switch  Poster 


Routers 

Switches 

Hubs 

Voice  Over  IP 

-  ■ 

Memory 

Security 

Interface  Modules 
Port  Adapters 
Wireless 


World  Data  Products  introduces  its  new  Cisco 
Router  and  Switch  poster.  It  provides  at-a-glance 
information  on  model  capacities,  interface  cards 
and  available  features. 

The  Cisco  Poster  is  a 

valuable  tool  for  _ ?*»«<*« 

network  planning. 

Call  877.231.2451  or 
visit  www.wdpi.com 
to  request  your 
FREE  Cisco  Router 
and  Switch  poster. 


£  *»•»... 
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Buy  •  Sell  •  Lease  •  Repair  •  New  •  Refurbished  •  Used 

www.wdpi.com  •  877.231.2451  •  cisco@wdpi.com 

121  Cheshire  Lane,  Minnetonka,  MN  55305  U.S.A. 


Seeking  Solutions  ...NTI  Has  The  Answers! 


NTI’s  New  KEEMUX-P2-LC 
provides  maximum  value 
and  minimum  cost! 

This  low-cost  switch  gives  you: 


NEW!  EASY 
AFFORDABLE 
DESKTOP 
MANAGEMENT 


“I  need  to  control  2  PC’s 
and  free  up  desktop  space!” 

HHi 


■MORE  SPACE-  smaller 
than  our  standard  desktop 
switch,  &  clears  your  desktop 
of  three  peripherals. 

■MORE  TIME—  save  the  time 
you  waste  moving  from  one  set 
of  peripherals  to  another. 

■MORE  MONEY-  eliminates 
the  expense  of  one  keyboard, 
mouse  &  monitor. 


FREE  CATALOG! 

CALI  800-742-8324 


1275  Danner  Drive  •  Aurora,  OH  44202 
330-562-7070  •  FAX:  330-562-1999 


LOW-COST  KVM  SOLUTIONS 


BUY  ONLINE  at  www.ntil.com/sn 
Email:  sales@nti1.com 


cess  Solutions 


Lowest  CPU  utiliza 
Installs  in  minutes 
Requires  no  intern 


Dial  Access  at  its  best! 

Equinox  Multi-modem  Adapters 
.  provide  up  to  44%  savings  over  the 
leading  competitors  of  similar  products 

EHVyibefore  you  Huy!5Sl 


Fax  server 
Dial  access 
Data  collection 
Modem  pooling 
Internet  access 


Call  1-800-275-3500,  ext.  615 
for  a  FREE  30-day  evaluation! 


or  email:  sales@equinox.com 


0  .for  more  infomation  on  Equinox  products  visit  our  website  at  -  www.equinox.com 


Jj'UJjjjjj  -i  Difzz'iofi 

Contact  these  companies  today  to  help  you  with  your  training  needs! 


Boson  Training  < 

(813)  925-0700 
|  www.bosontraining.com 
CCIE,  CCNP,  CSS1,  CCNA,  Cisco, 

I  wireless,  CISSP 


Learnkey  Inc.  < 

(800)  865-0165 
I  www.leamkey.com 
Self-paced  online  CD  network 
certification  developer  bus/apps 


PMG  NetAnalyst 

(800)  645-8486 
|  www.NetworkTraining.com 
Network  Forensic  Analysis  and 
Security  Training  and  Services 


I  TechEd  Services 

(407)  243-6494 
I  www.techedsvcs.com 
Customized  onsite  training  for 
Microsoft,  Cisco,  Network  Associates 


|  WKMN  Training 

(415)  586-1713 
I  www.wkmn.com 
Comprehensive  introduction  to 
wireless  networking. 


George  Washington  Univ 

(202)  973-1175 
( www.cpd.gwu.edu 
Oracle  MCSE  Network  Security 
UNIX/LINUX  1-Net  VB.Net  XML 


IPexpert,  Inc. 

(866)  225-8064 
|  www.ipexpert.net 
CCIE,  CCNP,  CSS1,  CCNA,  Cisco, 
I  wireless,  CISSP 


To  Place  Your  Listing  Here 
Cali  Enku  Gubaie  at 
(800)  622-1108 

ONetwofkWortd 

NetSmart  Learning  Partner 


NetworkWorld's 


The  Hub  of  the  Network  Buy 


Marketplace 


it's  a 

HO  brainer! 


■  Cisco  Systems  ■  Extreme  Networks 

■  Juniper  Networks  ■  Foundry  Networks 

www.  digitalwarehouse.  com 

DIGITAL  WARiHOUIE 

The  No.  1  Source  For  Used  Cisco  Direct*# 


■  Nortel  Networks 

■  Lucent  Technology 

■  Alcatel 

■  Riverstone  Networks 


Phone:  800-439-8558  or  718-894-7500 


56-29  56*  Drive,  Mospeth,  NY  1 1 378  USA  ■  Fax:718-894-1573 


We 

Buy 


& 


Since  I9S5 


Sell 


CISCO 


New  &  Used 
Fully  Guaranteed 
Overnight  Delivery 


Se  habla  Espanol 
Wfr  sprecben  Deutsch 


800.451.3407 


90  Castilian  Drive.  Suite  110.  Santa  Barbara.  CA  93117 


Routers 
Switches 
Interface  Modules 
Access  Servers 
Accessories 


www.nGtworkhardware.com 

BUY  ONLINE 


NETWORK  HARDWARE  RESALE 


IrOvii 


See  the  entire  Generation 
3.0  collection  at: 

BRETTS 

Luggage.  Leather  gtxxls. 
Gifts  Pens.  Clocks. 
Lighters.  Games 


www.suitcase.com 


SERVER  ROOM 

Temperature 

Sensors 


As  Low  As... 


*129" 


M  ultJLpJ  e  Models  Including: 


THL-100 

(Battery  powered) 

THL-100  AC/DC 

(Continuous  monitoring) 

THL-100  AC/DC  Plus 

(Email  alarms) 


►  Records  Temperature,  Humidity  &  Light 

►  Time  Stamped  Data  for  Detailed  Analysis 

►  Windows-based  SmartSensor  Software 
•  Data  or  graphical  view 

•Easily  exports  to  common  spreadsheet 
software 


Toll  Free  1-866-442-7767 
www.smartronix.com/products 


Jl.  buy.  anti  lease  the  best  new  and  refurbished  networking 
equipment  and  systems  at  the  lowest  prices  anywhere. 

Isn't  it  about  time  you  made  the  smart  choice? 


Average  Order  Assembly:  10  Mir 

Glue  us  a  break,  it's  a  26,000  sq  ’ft.  warehouse. 


Trust  the  Experts  ~ 

J$ntinental 

COMPUTERS  Since  1984 


We  Specialize  In... 

Ciscr  Systems 


COMPAQ. 

Alpha  SYSTEMS 

These  logos  are  a  tradema*  c#  their  reepeettve  c vmcrnrm  and  serves* 


Authorized 

Reseller 


www.conticomp.com  •  310.416.1200 


FIBER  OPTIC 
SOLUTIONS 


•  T1/E1  &  T3/E3  Modems 

•  RS-232/422/485  Modems  and 
Multiplexers 

•  IBM  3270  Coax,  AS/400  Twinax,  and 
RS/6000  Modems  and  Multiplexers 

•  LAN  -  Arcnet/Ethernet/Token  Ring 

•  Video/Audio/Hubs/Repeaters 

•  ISO  -  9001 


Toll  Free  866-SITech-1 
630-761-3640,  fax  630-761-3644 

www.sitech-bitdriver.com 


f if  View  Cart  Clear  Cart 


FACTORY  DIRECT 
FIBER  OPTIC  PRODUCTS 


Jumpers,  Pigtails,  Termination  Boxes, 
Preconnectorized  Backbone  Cable, 
Mode  Conditioning  Cables, 
Ethernet  Converters  and  Switches, 
CAT5  Products,  Photonic  Devices 


www.fiberdyne.eom 


A  FIBERDYNE  LABS,  INC. 

1-1800)  894-9694 
(315)  895-8470 
Fax  (315)  895-8436 


WRCA.NET 

NEW  USED 


AUTHORIZED  RESELLER 
Access/Routers/Switches 
Cisco  Livingston  Ascend 
3Com  US  Robotics  Kentrox 
Adtran  BayNetworks  Xyplex 
Computone  Digital  Link 
Modems  /  DSU  /  Muxes 
IBM  UDS  Codex  Hayes  GDC 
Micom  Microcom  Paradyne 
ATT  MultiTech  Penril 
Racal  Telebit  Zoom 

WE  BUY  AND  SELL 
www.wrca.net 
800-699-9722 


M'  jK 
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Advertise  in  the 
Marketplace  and  watch 
your  sales  come 
pouring  in! 


Call  Direct  Response 
Advertising 
1-800-622-1108 


N^RTELnetworks 


■H  ggSSSS  ^  BayNetworks 

BROWSING  THE  AUCTIONS? 
Consider  What  You  Get: 


National  LAN  Exchange 

•  Nortel  Service  Contracts 

•  Nortel  Service  Renewals 

•  Next-Day  Hardware 
Replacement 

•  Free  Technical  Support 

•  One  Year  Warranties 

•  New  and  Used  Equipment 

•  Hundreds  of  Pieces 
in  Stock 

•  Design/lnstall  Services 

•  Fast  Overnight  Delivery 


Auctions 

•  No  Sendee  Contracts 

•  No  Sendee  Renewals 

•  No  Replacements, 

No  Guarantees 

•  No  Support 

•  No  Warranties 

•  Who  Knows? 

•  Sometimes  Available, 
Sometimes  Not 

•  No  Sendees 

•  Inconsistent  Delivery 


Make  the  Smart  Choice 


www.NLE.com 
New/Used  •  Buy/Sell 
National  LAN  Exchange 


888-8LANWAN 

(885-852-5926) 


Wf),se''or#nno<mce 


Network  Products  &  Services  wliii 
NetworkWorld’s  Marketplace  Call  800-622-1108  ext  6507 


Secure  Your  Future. 
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careers.com 


,T- 

'.jyj 


IT  CAREERS 


© 


careers 


Check  out  our 
WITI  FastTrack 
Supplement  today 


If  organizations  want  to  flourish  in  the  global  economy,  leaders 
need  to  nourish  their  employees.  Our  Women  in  Technology 
International  (WITI)  FastTrack  coverage  will  cover  the  trends  and 
techniques  of  leading  companies  around  the  United  States.  If 
you're  interested  in  a  top  IT  environment  offering  first-class 
treatment,  check  out  WITI  FastTrack.  The  list  below  offers  just  a 
sample  of  the  exceptional  employers  featured  in  this  supplement. 


•  AOL  Time  Warner 

•  Capital  One 

•  Mercury  Computer  Systems,  Inc. 

•  Raytheon 


For  more  information  on  WITI  FastTrack,  please  call  Jams  Crowley  at 
1-800-762-2977  ext  7607,  or  email  at  janis_crowley@itcareers.net. 


Web  Programmer.  Within  Tech¬ 
nology  Department,  Internet  De¬ 
velopment  group  is  responsible 
for  development  of  both  JNL 
Internet  and  Intranet  sites,  and 
associated  application  develop¬ 
ment.  Web  Programmer  functions 
as  a  mid-level  technician  working 
on  moderate  to  complex  work 
requests. 

As  a  member  of  project  team, 
responsible  for  application  de¬ 
sign/analysis;  developing  project 
plans;  coding,  testing,  docu¬ 
menting  all  code;  and  maintain¬ 
ing  and  upgrading  existing  appli¬ 
cations.  May  interlace  with 
customers  to  assist  in  the  imple¬ 
mentation  and  solution  design 
of  work  requests.  Must  code, 
debug  and  test  application  pro¬ 
grams  utilizing  JAVA  and  web- 
based  programming  tools.  From 
a  set  of  written  specifications 
under  general  guidance  of  Pro¬ 
ject  Manager  or  Senior  Team 
Member,  must  be  adaptive  to  the 
use  of  new  software  aids  and 
programming  techniques  as 
acquired  and  adopted  within  IT 
in  order  to  achieve  the  goal  of 
providing  world-class  corporate 
web  site.  Minimum  requirements 
include  Bachelor's  degree  or 
equivalent  in  education  and/ 
or  experience  plus  2  years 
experience  in  job  offered  or 
related  occupation  of  Programmer, 
Systems  Analyst,  Application 
Developer.  Software  Engineer, 
Network  Administrator  or  combi¬ 
nation  of  above.  Experience 
must  include  at  least  two  years 
experience  in  relational  data¬ 
bases.  one  year  experience  in 
application  development  utilizing 
JAVA  and  one  year  of  experi¬ 
ence  in  at  least  3  of  the  following 
web  programming  tools  Rational 
Rose,  JAVA  Servlets,  JSP,  XML. 
UML,  WebSphere,  EJB,  and 
JAVA  Beans.  Must  pass  CPAB 
(Computer  Programming  Aptitude 
Battery)  exam,  required  by  em¬ 
ployer  of  all  applicants.  Please 
mail  resumes  to  Jackson 
National  Life  Insurance  Company, 
attn:  Destiny  Southwell,  One 
Corporate  Way.  Lansing.  Michigan 
48915. 


Infinite  Computing  Systems  a 
Cedar  Rapids,  IA  company  is 
seeking  qualified  computer  pro¬ 
fessionals  for  our  growing  team. 
Current  available  positions  must 
meet  the  following  minimum  re¬ 
quirements.  All  positions  require 
at  least  a  Bachelors  degree  (for¬ 
eign  Bachelor  degrees  are  ac¬ 
ceptable): 

•  At  least  1  yr  exp  as  a  computer 
professional,  including  at  least 
1  yr  exp  in  Harris  transformer, 
Expeditor,  IDMS,  DB2,  UNIX, 
Fortran,  C++,  File  Aid,  and  IMS 
DB/DC. 

•  At  least  5  yrs  exp  as  a  computer 
professional,  including  not  less 
than  1  yrs  exp.  in  EasyTreive, 
QMF,  MF-CICS,  MF-COBOL. 

•  At  least  5  yrs  exp  as  a  computer 
professional,  including  5  yrs 
exp.  in  C,  C++,  VC++,  Oracle. 
GUI,  SQL  Server  and  at  least  2 
yrs  exp  leading  and  managing 
professionals  in  developing, 
installing,  and  maintaining 
computer  applications  and 
systems. 

•  At  least  5  yrs  exp  as  a  computer 
professional,  including  not  less 
than  2  yrs  exp  in  Rational  Rose, 
DB2,  EJB,  Java,  Websphere, 
Visual  Age. 

•  At  least  2  yrs  exp  as  a  computer 
professional,  including  2  yrs 
exp  in  MS-Translation  Server, 
Visual  basic,  Developer2000, 
MAGIC,  Oracle,  and  SQL  Server 
and  at  least  6  mos.  experience 
in  Dream  Weaver,  Power¬ 
Builder  and  Sybase. 

•  At  least  3  yrs  exp  as  a  computer 
professional,  including  2  yrs 
exp  in  SAP,  Java,  HTML.  ABAP, 
BEA  Weblogic,  and  1  yr  exp  in 
Webmethods  B2B  Server  and 
Enterprise  Server,  EDI,  and 
Cognos  Power  Play. 

•  At  least  2  yrs  exp  as  a  computer 
professional,  including  2  yrs 
exp  in  Formware,  iCR/OR 
recognition  technology.  Imaging, 
Document  management.  File 
Net,  PC-Docs,  Visual  Basic, 
Java,  and  SQL  Server. 


Systems  Analysts  responsible 
for  design  and  development  of 
software  applications  for  the 
company  and  its  clients.  Help 
clients  in  state-of-art  internet  and 
client  server  technologies  under 
Windows  NT  using  VB  Script, 
COM,  ActiveX  and  JavaScript. 
Responsible  for  writing  code  in 
Visual  Basic  and  Java  using  Ob¬ 
ject  Oriented  Programming 
Techniques.  Use  Object  linking 
and  embedding  technologies 
and  ActiveX  to  make  the  appli¬ 
cations  reusable.  Must  have  a 
Bachelor’s  degree  in  CS  or  for¬ 
eign  degree  equivalent.  Must 
have  2  yrs  of  exp,  in  the  job  of¬ 
fered.  Salary:  Competitive.  Send 
resume  to:  Raj  Shekaran  Soft¬ 
ware  Research  Assoc  70 
Mansell  Ct.  Ste.  100,  Roswell, 
GA  30076. 


Software  Engineers  (St.  Louis, 
MO):  Under  close  supervision  of 
project  manager,  will  develop 
large-scale  web-based  manage¬ 
ment  information  system  apply¬ 
ing  object-oriented  programming 
technology  using  C/C++,  Java, 
JSP  and  EJB  in  a  three-tier 
client/server  environment  on 
Window/Unix  platforms;  develop 
detailed  technical  design  speci¬ 
fication  according  to  Rational 
Unified  Process  (RUP)  for  fur¬ 
ther  developing  applications  in 
Weblogic  Server  using  XML, 
RMI,  SQL  and  Oracle;  interface 
Oracle  to  Java  applications 
through  JDBC  and  Swing;  eval¬ 
uate  interface  between  software 
applications  and  operational 
/performance  requirements  of 
overall  system;  develop  client 
side  GUI  screen  using  Jbuilder, 
JavaBeans  and  JavaScript;  and 
perform  troubleshooting  and 
system  tuning  using  system 
traces  and  debugging  tools. 
Require  B.S  or  the  equivalent  in 
Comp.Sci.  Math.  Engr.  MIS  or  in 
a  closely  related  field.  Competitive 
salary.  Full-time;  Mon-Fri,  Re¬ 
sume  to  Crawford  Group,  Inc.  at 
spiatt  ©erac.com.  No  call/EOE. 


divine,  Inc.,  computer  software 
applications  developer  and 
consultancy,  has  the  following 
positions  available:  Consultants, 
Senior  Consultants.  Software 
Engineers  Senior  Software  En¬ 
gineers,  Systems  Engineers,  Ap¬ 
plication  Integration  Engineers. 
Technical  Training  Specialists, 
Development  Team  Leads,  Man¬ 
agers,  Directors.  Openings  avail¬ 
able  in  the  following  locations: 
Santa  Monica.  CA,  Denver,  CO. 
Fairfield,  CT,  Norcross,  GA. 
Chicago,  IL,  Lisle,  IL,  Columbus, 
OH,  St.  Louis,  MO.  Burlington, 
MA.  Permanent  U.S.  work  au¬ 
thorization  required.  Applicants 
should  authorization  required. 
Applicants  should  indicate  posi¬ 
tion  and  location  you  are  applying 
for  and  forward  resume  to  divine, 
Inc.  Attn:  DK  1,  333  Warrenville 
Rd.,  Lisle,  IL  60532  or  by  fax 
addressed  to  DK  1  at:  630-799- 
0060.  EOE. 


Seeking  qualified  applicants  for 
the  following  position  in  Memphis, 
TN:  Senior  Programmer  Analysts: 
Formulate/define  functional  re¬ 
quirements  and  documentation 
based  on  accepted  user  criteria. 
Requirements:  bachelor's  degree 
or  equivalent*  in  computer  sci¬ 
ence,  MIS,  computer  systems 
engineering  or  related  field  plus 
5  years  of  experience  in  systems 
/applications  development.  Ex¬ 
perience  with  client/server  tech¬ 
nology  or  object-oriented  analysis; 
C,  C++,  Smalltalk,  Visual  Basic 
or  Java;  and  CORBA  also 
required.  "Master's  degree  in 
appropriate  field  will  offset  2 
years  of  general  experience. 
Submit  resumes  to  Sibi  George, 
FedEx  Corporate  Services, 
1900  Summit  Tower  Blvd.,  Suite 
1400,  Orlando,  FL  32810.  EOE 
M/F/D/V. 


Computers:  System  Project 
Directors  needed:  Plan,  direct 
and  coordinate  systems  project 
delivery;  Lead  team/s  on  complex 
systems  projects;  Provide  guid¬ 
ance  on  troubleshooting  technical 
issues  to  enhance  system  func¬ 
tions.  Experience  must  include 
two  years  working  with  Mainframe, 
COBOL  and  ASP.  Requires  MS 
/BS  degree  or  equivalent  and/or 
relevant  work  experience.  Mail 
resume,  references  and  salary 
requirements  to:  Investor's  Bank 
&  Trust,  200  Clarendon  Street, 
Boston,  MA  02116. 


Seeking  qualified  applicants  for 
the  following  position  in  Memphis, 
TN:  Senior  Programmer  Analyst. 
Formulate/define  functional  re¬ 
quirements  and  documentation 
based  on  accepted  user  criteria. 
Requirements:  Bachelor's  de¬ 
gree*  in  computer  science,  MIS, 
engineering  or  related  field  plus 
5  years  of  experience  in  sys¬ 
tems/applications  development. 
Experience  with  UNIX  Shell  pro¬ 
gramming;  C  and/or  C++;  and 
SQL  also  required.  'Master's 
degree  in  appropriate  field  will 
offset  2  years  of  general  experi¬ 
ence.  Submit  resumes  to 
Sibi  George,  FedEx  Corporate 
Services,  1900  Summit  Tower 
Blvd.,  Suite  1400,  Orlando,  FL 
32810.  EOE  M/F/D/V. 


DATAWAREHOUSING  CON¬ 
SULTANT  Analyze  customer  re- 
qts,  identify  &  implement  solns. 
Participate  in  dvlp  &  pre-sales 
events.  B.S.  Info  Systems,  Comp 
Science  or  equiv  +  proficiency  in 
Java,  JSP,  JavaScript,  Servlets, 
Visual  Basic.  Competitive  Salary. 
Send  resume  to:  Solution 
Builders,  1000  Abernathy  Rd. 
NE,  #175,  Atlanta,  GA  30328 


Computer 

ARINC,  a  leading  provider 
of  communications,  information 
technology,  and  system  engi¬ 
neering,  has  an  opening  for  a 
Staff  Principal  Engineer  with 
Animator  experience  in  our 
Marina  del  Rey,  CA  office.  The 
individual  will  be  responsible  for 
working  as  a  chief  architect  of 
graphical  interface,  networking 
and  Java.  Specifically,  the  indi¬ 
vidual  will  lead  efforts,  which 
utilize  the  Animator  product. 
Requires  a  minimum  of  five 
years  of  experience  in  the  job 
duties  offered.  Must  have  techni¬ 
cal  and  working  knowledge  of 
Animator,  as  well  as  program¬ 
ming  experience  in  Java,  C++. 
C,  Windows  NT/2000,  and  UNIX 
operating  systems.  Visit  us  online 
to  apply  at:  www.arinc.com/ 
careers.  Please  refer  to  this  ad 
when  applying.  Equal  Opportunity 
Employer  M/F/D/V. 


CSI  (Comprehensive  systems, 
Inc.)  is  looking  for  IT  professionals 
(Programmer/System  Analyst, 
DBA,  Software/Project  Engineers, 
QA.  Candidates  must  have  BS 
plus  1-yr  exp.  Skills  in  CICS, 
COBOL,  DB2,  HTML.  VBScript, 
Java,  Websphere  preferred.  Apply 
to  hr@csicos.com.  EOE. 

Software  Engineers  wanted  by 
7  Hills  Tech  to  perform:  design, 
develop  &  implement  client/server 
&  web-based  applications.  Qual¬ 
ified  applicants  must  have  BS. 
Exp.  using  OOA/OOD  in  Java, 
J2EE,  Oracle  required.  Send  re¬ 
sumes  to  employ  @  7hillstech.com. 
EOE. 


PeopleSoft  Administrator  and/or 
Oracle  DBA  -  Radio  Free  Europe 
/Radio  Liberty,  located  in  beautiful 
Prague,  Czech  Republic,  is  seek¬ 
ing  an  Applications  Development 
Specialist.  Primary  responsibili¬ 
ties  will  be  to  support  Human 
Resource  and  Financial  opera¬ 
tions.  Hands  on  Oracle  DBA  or 
Peoplesoft  skills  are  a  must. 
Good  pay  and  benefits,  interest¬ 
ing  company.  Intrigued?  Look  at 
www.rferl.org/welcome/english 
/jobs/EOE  M/F/D/V 


Sr.  Billing  Software  Eng.  Analyze, 
design,  code  usage  record  col¬ 
lection  of  interfaces  b/w  telephony 
switching  equipment  &  existing 
NT-based  BCC  software  product. 
3+  years  in  development  VC++ 
/MFC  database  applications, 
SQL  Server  preferred.  Extensive 
knowledge  of  cellular,  GSM 
/PCS,  wireline  and  CIBER/TAP, 
as  well  as  switch/tape  interfaces. 
9-5  40hrs/wk  85K  Rancho 
Cucamonga,  CA.  send  cv 
hr@arisinc.com.  888.274.3995 


♦ 


SBI  is  looking  for  the  following 
positions  for  its  offices  in  Houston, 
TX,  San  Francisco,  CA.  Warren, 
NJ,  Salt  Lake  City,  UT  and 
Portland,  OR:  Programmer 
Analysts,  Technical  Architects, 
Technical  Consultants,  Business 
Strategists,  Systems  Analysts. 
Software  Engineers,  resumes  by 
email  or  fax  only  to  HR.  SBI  2825 
East  Cottonwood  Parkway,  Suite 
480,  Salt  Lake  City,  UT  84121: 
careers@sbiandcompany.com; 
Fax  (801  >733-3201. 


Programmer  Analyst  for  Natick. 
MA  office  to  plan,  develop,  test 
and  document  computer  pro¬ 
grams,  to  analyze,  review  and 
alter  program  to  increase  oper¬ 
ating  efficiency  or  adapt  new 
technologies.  Full  time  position 
M-F  offers  good  salary.  Applicants 
with  4  yrs  experience  &  working 
knowledge  of  Oracle,  SlS/Com- 
pass.  SPF,  Lotus  notes.  Micro 
focus  Animator,  PVCS,  Unix  and 
SQL,  Developer/2000/6  and 
COBOL,  send  resumes  only 
to  Mario  Cabrera.  Human 
Resources,  FDP  Corporation 
d/b/a  Sun  Gard  Insurance 
Systems  2000  S  Dixie  Hway 
Miami  FL  33133. 


Programmer/Analyst  (Jacksonville. 
FL):  Design  and  develop  software 
on  Java.  VB,  JSP  using  Oracle, 
CORBA  with  Visibroker  /  Orbix, 
Java  Socket  Programming. 
Weblogic.  Websphere  and  JBoss 
Server  w/Tomcat,  iPlanet,  JRun, 
etc.  Req.  B.Sc.  or  its  foreign 
degree  equivalent  based  on 
education  and/or  experience  in 
C.  Sc.  Maths,  or  other  science 
field  +  2  yrs.  exp.  in  job  described. 
Resume  to:  HR  Manager.  Soft¬ 
ware  Services  &  Resources. 
Inc.,  3574  Old  Milton  Pkwy, 
Alpharetta,  GA  30005 


Senior  Principal  Engineer  - 
CCBS;  Dulles,  Virginia:  Provide 
technical  customer  support  for 
US  &  international  users  of  the 
five  instances  of  the  Customer 
Care  &  Billing  System  (CCBS) 
&  its  interfaces  to  the  relevant 
mediation  devices  &  switches. 
Analyze  &  determine  which 
system,  database,  business 
process  or  interface  has  caused 
the  problem  &  provide  solutions. 
Create  scripts  to  fix  or  monitor 
the  databases.  Provide  guid¬ 
ance  &  recommendations 
regarding  business  practice 
modifications.  Work  with  switch 
&  mediation  device  engineers  & 
technical  users  world-wide  to 
test  &  implement  CCBS.  Apply 
knowledge  of  Oracle  and  UNIX 
systems,  GUI.  switch  &  media¬ 
tion  device  databases  &  all  of 
the  business  processes  of  the 
billing,  invoicing  and  provision¬ 
ing  systems.  Bachelor's  degree 
or  equivalent  in  Electrical 
Engineering  or  a  closely  related 
field. &  6  yrs  exp.  in  the  position 
offered  or  in  a  systems  engi¬ 
neering  position  two  yrs  of 
which  must  have  been  in  the 
telecommunications  industry.  6 
yrs  exp.  must  include  at  least 
two  yrs  exp  with  switch  proto¬ 
cols,  mediation  devices,  oracle 
databases,  telecom  products  & 
billing  systems  &  billing  product 
development.  40  hrs  per  wk, 
domestic  &  infl  travel  required 
(25%).  Send  resume  to  Carrie 
Carr-Main,  ORBCOMM,  21810, 
Atlantic  Boulevard,  Dulles,  VA 
20166 


Trusted 
by  more 
hiring 
managers 
than  any 
IT  space 
in  the 
world. 


Become  a  Microsoft  Windows  2000  Security  Expert. 

It’s  easy.  Just  point,  click  and  choose  the  format  that  works  best  for  you: 
•CD-ROHl  •Uleb-Based  *Hands-0n  •Uirtual  Classroom 

Uisit  lletSmart  today  at  www.nwnetsmart.com 
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Liortbridge  Technologies  Inc.  has 
two  openings  in  its  Framingham, 
MA  office  for  Software  Develop¬ 
ment  Engineers  who  have  a 
Bachelor's  degree  or  equivalent 
in  Computer  Science,  Systems 
Engineering  or  a  related  field 
and  2  years  of  experience 
programming  in  Java  using  UML 
design  techniques  on  Windows 
and  Unix,  2  years  of  RDBMS 
experience  with  Oracle  and  MS 
SQL.  1  year  of  experience  in 
Internationalization,  and  experi¬ 
ence  with  complete  development 
lifecycle.  (Experience  can 
be  concurrent).  Interested 
candidates  should  send  resume 
to  Ref.  SLTL-BP,  Maria  Lopes, 
Human  Resource  Manager, 
Lionbridge  Technologies,  Inc., 
492  Old  Connecticut  Path, 
Framingham.  MA01701. 


VegaStream,  Inc.,  located  in 
Dublin  is  seeking  F/T  expd. 
Manager  of  Product  Support  to 
research,  design,  and  developing 
of  computer  software  systems,  in 
conjunction  with  hardware  product 
development.  Analyze  software 
requirements  to  determine  fea¬ 
sibility  of  design  within  time  and 
cost  constraints.  Consult  with 
hardware  engineers  and  other 
engineering  staff  to  evaluate 
interface  between  hardware  and 
software,  and  operational  and 
performance  requirements  of 
overall  system.  Formulate  and 
design  software  system,  using 
scientific  analysis  and  mathe¬ 
matical  models  to  predict  and 
measure  outcome  and  conse¬ 
quences  of  design.  Bachelor's 
degree  in  Computer  Science, 
competitive  salary.  Fax  resume 
to  Gina  (561  >995-6027. 


Syst  Analyst  (Oakbrook,  IL) 
Analyze  user  req'ments,  develop 
project  process  flow,  program 
specifications,  develop  tests 
&  conversion  plans,  consult  & 
advise  tech  personnel  on  applic 
procedures,  plan  &  prep  tech 
reports,  memoranda.  MS  in 
Comp  Sci/Comp  Applic/Eng  &  1 
yr  exp  w/Unix,  C,  Informix. 
$69,000/yr,  40  hrs/wk,  9a-5p. 
Applicts  must  show  proof  of 
legal  authority  to  work  in  US.  Res 
to  IL  Dept  of  Empl  Security,  401 
South  State  St  -7  North,  Chicago, 
IL  60605.  Attn:  L.  Jackson,  Ref  # 
V-IL  26357-J.  An  employer  paid 
ad.  NO  CALLS  ‘  Send  2  copies 
of  both  res  &  cvr  Itr. 


Computer  Support  Specialist: 

For  provider  of  ITS  systems, 
provide  tech  assistance  to 
programmers;  customize,  train, 
support  users  of  accounting 
apps,  MS  office;  hardware  & 
network  setup  &  support;  web 
design.  Req's:  M  S.  in  Comp  Sci 
or  related  field.  1  yr  exp  in  job 
offered  or  1  yr  exp  as  Software 
Eng.  Exp  must  incl  software  dev, 
network  &  database  dev  &  soft¬ 
ware  installation  &  troubleshooting 
&  user  support.  Prof  in  MS  Office, 
MS  Visual  Basic,  Sybase,  Oracle 
&  MS  Access.  40  hrs/wk.  Send 
resume  to  Terry  Bauman,  1323 
Little  Mountain  Rd.,  Bethel,  PA 
19507. 


Sr  S/W  Engineers  Lead  teams  to 
design/develop  s/w  appls  using 
SAP.  ABAP/4,  VB.  Oracle,  Dev 
2000  and  Windows;  integrate 
computer-aided  scheduling, 
dispatch,  outage  mgmt,  work 
planning  etc;  conduct  data  con¬ 
versions,  archiving,  customization 
while  administering  SAP  systems; 
gather/document  reqs;  train 
team  &  clients.  Require  MS  in 
CS/Math/  Engg(any  branch)  &  3 
yrs  exp.  Will  also  accept  BS  or 
foreign  equiv  in  any  of  above  &  5 
yrs  of  relevant  progressive  exp. 
Travel  involved.  High  salary  f/t. 
Resumes  to  HR,  Smartsoft 
International  4898  South  Old 
Peachtree  Road,  Suite  200, 
Norcross,  GA  30071 


PDM  ("Product  Data  Manage¬ 
ment")  Implementation  Consultant 
working  under  the  close  super¬ 
vision  and  continued  monitoring 
of  the  Group  Leader,  will  perform 
technical  and  consulting  activities 
including  PDM  ("Product  Data 
Management")  system  design 
and  Implementation.  Will  assist 
in  facilitating  customers'  imple¬ 
mentation  activities  in  the  area  of 
foundation  building,  customer 
education  and  education  plan¬ 
ning,  and  project  planning  and 
execution.  Will  execute  product 
implantation  tasks,  project  level 
implementation  strategies,  and 
participate  in  program  activities. 
Will  also  aid  in  user  learning 
curve  compression,  mentor  im¬ 
plementation  associations,  and 
document  methodologies  and 
case  studies.  Requires  Bachelor's 
Degree  in  Computer  Science, 
Mechanical  Engineering,  MIS, 
Electrical  Engineering,  Physics, 
Math  or  the  equivalent,  and  one 
year  of  experience  in  Job  Of¬ 
fered  or  one  year  of  experience 
in  PDM  consulting  or  PDM  de¬ 
velopment,  OR,  in  the  alterna¬ 
tive,  a  Master's  degree  and  zero 
(0)  year's  experience.  Salary: 
$64,207/yr;  40  hrs/wk;  M-F 
9:00a.m. -5:00p.m.  Job  in  Lisle, 
IL.  Applicants  must  show  proof 
legal  authority  to  work  in  the  U.S. 
Submit  resume  to:  ILLINOIS  DE¬ 
PARTMENT  OF  EMPLOYMENT 
SECURITY,  401  South  State-  7 
North,  Chicago,  Illinois  60605, 
Attention:  Joanne  Breaux,  Ref¬ 
erence  #  V-IL  33262-N  AN  EM¬ 
PLOYER  PAID  AD.  NO  CALLS- 
SEND  2  COPIES  OF  BOTH 
RESUME  &  COVER  LETTER. 


Network  Engineer.  40  hrs/wk. 
9:00  a.m.  -  5:00  p.m.  Bloomington, 
IL.  Install,  configure  and  trouble 
shoot  computer  systems  networks. 
Provide  installation,  service  and 
support  of  Netware,  NT  and  Ex¬ 
change  servers  and  installation 
of  CISCO  switches.  Required:  2 
yrs  exp  in  job  offered,  as  sys¬ 
tems  engineer,  or  related  (exp 
must  include  2  yrs  providing 
installation,  service  and  support 
of  Netware,  NT  and  Exchange 
servers  and  installation  of  CISCO 
switches);  Certification  as  CISCO 
Certified  Network  Professional 
(CCNP);  and  Certification  as 
CISCO  Certified  Internetwork 
Expert.  NO  PHONE  CALLS. 
Resumes  to:  Logical  Networks, 
Inc.,  Kim  Slappy,  1750  South 
Telegraph  Road,  #300,  Bloomfield 
Hills,  Ml  48302. 


Synergy  has  openings  for  IT 
professionals  or  engineers. 
Qualified  applicants  must  have 
BS/MS  with  1  -year  experience. 
Strong  background  in  TCP/IP 
Suite,  Unix,  DB2,  Oracle,  VB, 
SQL,  IIS,  Window  NT  and  XML 
is  plus.  Send  resumes  to 
hr@synergycom.com.  Travel  is 
required.  EOE 

QA  Engineer/Analyst/IT  profes¬ 
sionals  wanted  by  E-Comlogics. 
Work  in  Pittsburgh,  PA.  Minimum 
requirement  is  BS  in  comp  sci¬ 
ence  or  engg.  plus  1  -yr  QA  exp. 
using  automation  tools/script. 
We  are  small,  but  very  stable. 
Please  apply  at  resume  @ecom 
Logics,  srg,  EOE 


ExImWare,  a  s/w  &  service  com¬ 
pany  for  global  agriculture  trade 
markets,  is  looking  for  Business 
/System  Analysts  &  S/W  Engi¬ 
neers.  Min.  BS  with  1  -yr  related 
exp.  required.  Key  skills:  s/w 
design,  dev.  and  testing,  proj 
mgt.,  OO  prog.,  java,  and  xml. 
Send  resumes  to:  careers® 
eximware.com. 

Anacon  has  openings  for  IT 
professionals  (software  engineers, 
programmer/system  analysts). 
Candidate  must  have  BS/MS. 
One-year  exp.  is  a  minimum. 
Skills  in  areas  of  C,  COBOL, 
Oracle,  SQL,  Sybase,  DB2, 
PeopleSoft,  SQA,  VB  are  plus. 
Contact  anacon@anacon.com. 
EOE 


Software  Engineer.  Merrimack. 
Research,  design  &  dev.  comp 
softw.  systems,  in  conjunction 
w/  hardware  product  devpnt. 
Consult  w/  hardware  eng'rs  and 
other  eng  staff  to  evaluate  inter¬ 
face  betw  hardware  &  soft., 
operational  &  performance  req"s 
of  overall  system.  Provide  tech, 
guidance  on  client  projects.  Will 
use  Solaris,  Unix,  Linux,  windows 
2000  server,  NT,  Java,  Perl, 
AWK,  Cobol,  C.  C++,  Visual 
C++,  Borland  C++,  Oracle  Dev 
2000,  Oracle  Reports,  Crystal 
Reports,  Clear  Quest,  Rational 
Clear  Case,  Rational  Robot,  VB, 
ASP,  SQL,  Oracle,  MS  Access, 
XML,  HTML,  UML,  Javascript, 
VB  Sript,  Shell  Script,  COM, 
COM+,  DCOM  etc.  Will  accept 
Bach's  in  CS,  Eng,  MIS,  Math  + 
5yrs  of  exp  as  prog  anal/syst 
anal.  Or  Mast's  +  2yrs  exp  as  a 
prog  anal/syst  anal.  Req.  $ 
85,000/hr,  40hrs/wk,  9:00am  to 
5:00pm.  Pis.  send  2  copies  of 
resume/letters  of  application  to: 
Job  Order  #  2002-328,  PO  Box 
989,  Concord.  NH  03302-0989 


SOFTWARE  ENGINEER: 
Knowledge  of  IBM  AS/400 
midrange  systems  and  Honey¬ 
well  Bull  mainframe  systems  on 
which  key  business  systems  are 
based.  Knowledge  in  both  VB6 
Enterprise  development  software 
and  Interdev  Web  development 
software  to  design  client  front 
ends.  Knowledge  in  Oracle  data¬ 
base  technology.  Job  duties  are 
to  Analysis  of  current  procedures 
and  problems  to  refine  and  con¬ 
vert  the  data  to  programmable 
form;  determine  output  require¬ 
ments;  study  existing  systems  to 
evaluate  effectiveness;  upgrade 
systems  presently  in  use;  develop 
test  and  implement  new  soft¬ 
ware;  observe  functioning  of 
newly  implemented  system  and 
programs  for  trouble  areas;  correct 
systems/programs  as  necessary. 
Requires  High  School  in  sciences 
with  4  years  of  software  devel¬ 
opment  experience.  40  hours 
per  week  at  $  60,000  per  year. 
Please  send  resume  to  Case  # 
200111215,  Labor  Exchange 
Office,  1 9  Staniford  St.,  1  st  floor, 
Boston,  MA  02114. 


Software  Engineer,  Merrimack. 
Research,  design  &  dev.  comp 
softw.  systems,  in  conjunction 
with  hardware  product  devpnt. 
Consult  with  hardware  eng'rs 
&  other  eng  staff  to  evaluate 
interface  betw  hardware  &  soft., 
operational  &  performance  req's 
overall  system.  Provide  tech, 
guidance  on  client  projects.  Will 
use  Solaris,  Unix,  Linux,  windows 
2000  server,  NT,  Java,  C,  C++, 
Visual  C++,  Oracle,  HTML,  Java 
Script,  Vb  Script,  Shell  Script, 
MS  SQL  Server,  ASP,  Clear 
Quest,  Clear  Case,  Informix. 
Bach's  in  CS,  Math  or  MIS  plus 
5yrs  as  systems  analyst  /prog 
analyst,  Will  accept  Mast's  + 
2yrs  exp  as  a  prog  anal/syst 
anal.  Req.  $  85,000/hr,  40hrs/wk, 
9:00am  to  5:00pm.  Pis.  Send 
2  copies  of  resume/letters  of 
application  to:  Job  Order  #  2002- 
329,  PO  Box  989,  Concord,  NH 
03302-0989 


Software  Developer 

Design  customized  software  so¬ 
lutions  based  on  a  client’s  needs. 
Must  have  Bachelors  Degree 
in  Engineering  or  Computer  Sci¬ 
ence  or  in  a  related  field  &  18 
months  exp.  or  1 8  months  exp.  in 
a  related  position  w/ability  to  use: 
SQL  &  AS/400. 

Willing  to  travel  and  relocate 
across  the  U.S. 

40.0  hrs./wk  8:00  AM  -  5:00  PM 
S64.000/Y  r. 

Applicants  send  cover  letter 
and  resume  to: 

SRA  Systems  Limited 
1945  Cliff  Valley  Way 
Suite  270 
Atlanta,  GA  30329 

Attn:  K.  Markandan 


The  Fifth  National 

HIPAA  Summit 

The  Leading  Forum 
on  Healthcare  Privacy , 
Confidentiality, 

Data  Security 
&  HIPAA  Compliance 

The  Most  Important  Conference  You 
Will  Attend  This  Year  on  the 
Health  Insurance  Portability  and  Accountability  Act 

October  30  -  November  1 ,  2002 

Baltimore  Waterfront  Marriott  •  Baltimore,  MD 

Call  800-684-4549 

or  visit  our  website  at  www.hipaasummit.com 


CONTINUING  EDUCATION  CREDITS:  ACHE  •  AAPC  •  ACPE  •  AHIMA  •  ANCC 
CISSP/SSCP  •  HCCB  •  MCLE  •  NASBA  •  ACMPE 


NSHfMBA. 


NATIONAL  SOCIETY  Of  HISPANIC  MBAS 


Things  are  heating  up  in  ~r~  -;g=^-  _  | 

Phoenix  with  the  13th  Annual  t:  m 

NSHMBA  Conference  &  •; 

Career  Expo  around  the  corner!  With  over  200  corporate  sponsors, 
as  well  as,  highly  esteemed  business  executives  from  Fortune  500 
companies,  there  is  something  for  everyone! 


With  educational  plenary  sessions,  dynamic  seminars,  and  non-stop 
networking  opportunities,  the  conference  provides  / 
an  excellent  forum  to  enhance  your  leadership 
skills,  network  effectively  and  continue  to  make 
immeasurable  differences  in  your  career. 

With  all  its  splendors,  Phoenix  awaits  the  best  and  brightest 
Hispanic  professionals  to  immerse  themselves  in  the  greatest 
Latin  professional  gathering  on  the  planet  —  don't  miss  out! 


See  You  In 
Phoenix,  Arizona 
November  7-9 


2002 


NSHM«A 
1 303  Vvairut  l*:!i ! 

Iryincj,  TX  71*55? 
Phone:  2t+-5vb  ■ 


For  more  information  please  visit  www.nshmba.org 


Photos  courtesy  of  Jessen  Associates  for  the  Phoenix  Convention  Center  &  Visitor's  Bt"i  .. 
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SS  Safes  Offices 

/f&Rk  Caro'.  Lasker,  Associate  Publisher/ Vice  President 
9GjSfc  Jane  Weissman,  Sales  Operations  Coordinator 
Internet  cleeker,  jweissman@nww.com 
(508)  460-3333/FAX:  (508)  460-1237 


■  Network  World,  Inc. 

118Turnpike  Road,  Southborough,  MA  01772 
Phone:  (508)  460-3333 

TO  SEND  E-MAIL  TO  NWW  STAFF 

firstname_lastname@nww.com 


Hew  York/New  Jersey 

Tom  Davis.  Associate  Publisher.  Eastern  Region 
Elisa  Della  Rocco,  Regional  Sales  Manager 
Aimee  Jacobs,  Sales  Associate 
Internet:  mavis,  elisas,  ajacobs@nww.com 
(201)  587-0090/FAX:  (201)  712-9786 


Hortheast 

Donna  Pomponi,  Regional  Sales  Manager 
Kathryn  Zinn,  District  Manager 
Caitlin  Horgan,  Sales  Assistant 
Internet:  dpomponi,  kzinn.  chorgan@nww.com 
(508)  460-3333/FAX:  (508)  460-1237 


Mid-Atlantic 

Jacqui  DiBianca,  Regional  Sales  Manager 
Marta  Hagan,  Sales  Assistant 
Internet:  jdibian,  mhagan@nww.com 
(610)  971-1530/FAX:  (610)  975-0837 


Midwest/Maryland 

Eric  Danetz,  Senior  District  Manager 
Aimee  Jacobs,  Sales  Associate 
Internet:  edanetz,  ajacobs@nww.com 
(201)  587-0090/FAX:  (201)  712-9786 


Central 

Dan  Gentile.  Midwest  Regional  Director 
Grade  Vela,  Sales  Assistant 
Internet:  dgentile,  gvela@nww.com 
(512)  249-2200/FAX:  (512)  249-2202 

Northern  California 

Sandra  Kupiec,  Associate  Publisher,  Western  Region 
Miles  Dennison,  Regional  Sales  Manager 
Sean  Weglage,  Senior  District  Manager 
Teri  Whitehair,  Office  Manager/Exec.  Asst. 

Berit  Einsiedl,  Sales  Assistant 

Internet:  skupiec,  mdennison,  sweglage,  twhitehair 

beinsiedl@nww.com 

(650)  577-2700/FAX:  (650)  341-6183  _ 


Northwest/Rockies 

Karen  Wilde,  Regional  Sales  Manager 
Lara  Greenberg,  Regional  Sales  Manager 
Kim  Gaffrey,  District  Manager 
Internet:  kwilde,  Igreenberg,  kgaffrey@nww.com 
(650)  577-2700/FAX:  (650)  341-6183  _ 

Southwest 

Becky  Bogart  Randell,  District  Manager 
Angela  Norton,  Sales  Assistant 
Internet:  brandell,  anorton@nww.com 
(949)  250-3006/FAX:  (949)  833-2857 _ 


Southeast 

Don  Seay,  Regional  Sales  Manager 
Caitlin  Horgan,  Sales  Assistant 
Internet:  dseay,  chorgan@nww.com 
(404)  845-2886/FAX:  (404)  250-1646 

Custom  Publishing 

Shaun  Budka,  Custom  Media  Solutions  Manager 

Internet:  sbudka@nww.com 

(508)  460-3333/FAX.  (508)  460-1237 _ 


Fusion 

Alonna  Doucette,  Vice  President  Online  Development 
James  Kalbach,  Director,  of  Online  Sales 
Stephanie  Gutierrez,  Online  Account  Manager 
Debbie  Lovell,  Online  Account  Manager 
Kristin  Baker,  Sales  Operations  Manager 
Internet:  adoucette,  jkalbach,  sgutierrez,  dlovell, 
kbaker@nww.com 

(610)  341-6025/FAX:  (610)  971-0557  _ 


MARKETPLACE 

Response  Card  Decks/MarketPlace 


Richard  Black,  Director  of  Marketplace 
Karima  Zannotti,  Senior  Account  Manager 
Enku  Gubaie,  Senior  Account  Manager 
Amie  Gaston,  Account  Manager 
Sharon  Steams.  Sr.  Media  Dev.  4  Operations  Mgr. 
Chris  Gibney.  Sales  Operations  Coordinator 
Internet:  rblack,  kzannott,  egubaie,  agaston, 
sstearns,  cgibney@nww.com 
(508)  460-3333/FAX:  (508)  460-1192 
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VP/ General  Manager,  Janis  Crowley,  East  Regional  Manager, 
Deanne  Holzer,  Midwest/Wes!  Regional  Manager,  Laura 
Wilkinson,  Operations  Director,  Donna  Kent,  Advertising 
Coordinator,  Leilani  Lopez.  Sales  Support, Tina  Silvelra,  Sales 
Support,  Nikki  Wilson  (800)  762-2977/FAX:  (650)  286-2770 


EvileeThibeault,  CEO/Publisher 

John  Gallant,  President/Editorial  Director 

Eleni  Brisbois,  Administrative  Planning  Manager 

FINANCE/BUSINESS  SERVICES 

Mary  Fanning,  Vice  President  Finance 

Paul  Mercer,  Finance  Manager 

Mary  Kaye  Newton,  Billing/AP  Coordinator 

Frank  Coelho,  Senior  Manager,  Business  Services 
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with  an  unknown  in  the  switch 
market,”  says  Gilbert  Maldonado, 
IS  manager  at  technology  print¬ 
ing  firm  Capital  Spectrum  in 
Austin,  Texas. “I  looked  around.  1 
looked  at  Nortel,  1  looked  at 
3Com,  and  I  looked  at  Cisco.  1 
had  it  narrowed  down  to  Cisco 
and  Dell.  The  Dell  switch  was 
almost  half  the  price,  and  it  does 
everything  I  want  it  to.” 

It’s  customer  thinking  like  that 
that  has  competitors  such  as 
3Com  and  Cisco  taking  notice. 
Both  recently  ended  reseller 
agreements  with  Dell,  and  Cisco 
for  the  first  time  pointed  to  Dell 
as  a  competitor  in  its  annual 
report, listing  the  company  better 
known  for  its  PCs  and  servers 
alongside  entrenched  network 
vendors  such  as  3Com,  Foundry 
Networks  and  Nortel. 

The  developments  highlight 
that  Dell,  ranked  ninth  on  the 
NW200  with  roughly  $32  billion 
in  revenue  in  2001,  is  successfully 
inching  its  way  into  the  switching 
market.  The  company  is  buoyed 
by  the  direct  sales,  low-pricing 
approach  it  has  used  to  disrupt 
things  in  every  market  it  has 
entered  since  it  was  founded  in 
1984,  analysts  say. 

“It  shows  they’re  clearly  a 
threat  and  the  competition 
knows  it,”  says  Brooks  Gray,  a 
senior  analyst  at  Technology 
Business  Research. 

While  Cisco  has  a  stranglehold 
on  the  top  end  of  the  enterprise 
network  market,  it’s  the  midmar¬ 
ket  where  Dell  is  focusing, a  strat¬ 
egy  that  should  unsettle  compa¬ 
nies  such  as  3Com,  analysts  say 

“Why  would  Dell  do  its  own 
thing?  Why  would  it  not  partner 


■  Network  World.  118  Turnpike  Road. 
Southborough,  MA  01772-9108,  (508)  460-3333. 

Periodicals  postage  paid  at  Southborough, 
Mass.,  and  additional  mailing  offices.  Posted 
under  Canadian  International  Publication  agree¬ 
ment  #40063800.  Network  World  (ISSN  0887-7661) 
is  published  weekly,  except  for  a  single  combined 
issue  for  the  last  week  in  December  and  the  first 
week  in  January  by  Network  World.  Inc..  118 
Turnpike  Road,  Southborough,  MA  01772-9108. 

Network  World  is  distributed  free  of  charge  in 
the  U.S.  to  qualified  management  or  professionals. 

To  apply  for  a  free  subscription,  go  towww.sub- 
scnbenw.com  or  write  Network  World  at  the 
address  below.  No  subscriptions  accepted  with¬ 
out  complete  identification  of  subscriber's  name, 
job  function,  company  or  organization.  Based  on 
the  information  supplied,  the  publisher  reserves 
the  right  to  reject  non  qualified  requests. 
Subscriptions:  1-508-490-6444. 

Nonqualified  subscribers:  $5.00  a  copy,  U.S  - 
$129  a  year;  Canada  -  $160.50  (including  7%  GST. 
GST#  126659962);  Central  4  South  America  • 
$150  a  year  (surface  mail);  Europe  -  $205  a  year 
(surface  mail),  all  other  countries  -  $300  a  year 
(airmail  service).  Four  weeks  notice  is  required 
for  change  of  address.  Allow  six  weeks  for  new 
subscription  service  to  begin.  Please  include 
mailing  label  from  front  cover  of  the  publication. 


more  with  an  existing  vendor?” 
says  Glenn  Gabriel  Ben-Yosef, 
president  of  Clear  Thinking 
Research.  “The  only  answer  to 
that  is  that  Dell  believes  it  can 
succeed  and  do  better  than 
what  exists  out  there,  and  that’s  a 
scary  thing  for  an  incumbent 
like  3Com.” 

With  the  Ethernet  switch  market 
flat  —  revenues  for  the  market 
grew  just  3%  to  $2.7  billion  in  the 
second  quarter,  according  to  a 
Dell’Oro  Group  report  issued  in 
August  —  it  has  created  a  buyers’ 
market  and  a  perfect 
entry  point  for  a 
company  like  Dell 
to  take  advantage  of 
standards  and  throw  low-cost 
products  into  the  mix. 

Dell  introduced  its  switches 
last  fall  with  pricing  as  low  as 
$10  per  unmanaged  10/100M 
bit/sec  port  and  $100  per 
Gigabit  Ethernet  port.  1DC  says 
that  pricing  for  fix-configured 
Gigabit  Ethernet  switch  ports 
has  dropped  from  about  $800 
per  port  in  1999  to  about  $219 
per  port  this  year,  still  twice  the 
price  that  Dell  offers. 

Dell,  which  partners  with  man¬ 
ufacturing  firms  such  as  Delta 
Technologies  in  Taiwan  to  cre¬ 
ate  and  build  the  switches,  is 
committed  to  its  low-cost  mes¬ 
sage  and  last  week  dropped  its 
switch  prices  another  7%  to 
33%.  Pricing  for  the  Power- 
Connect  3248  48-port,  10/100M 
bit/sec  Ethernet  switch  with  two 
Gigabit  Ethernet  ports  and  Layer 
3  and  Layer  4  awareness,  for 
example,  was  slashed  from 
$1,500  to  $1,000. 

Dell  has  introduced  a  total  of 
nine  Layer  2  switches  under  its 
PbwerConnect  brand  since  last 
fall,  the  most  recent  in  June  when 
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Network  sampler 


Dell  has  rolled  out  a  variety  of  network  gear  since 
entering  the  market  about  a  year  ago. 
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Unmanaged  Ethernet/Fast  Ethernet  PowerConnect  2000 
series  switches  for  small  and  branch  offices 

Ranging  from  16-port  10/100M  bit/sec  Ethernet  boxes 
with  switching  capacity  of  3.2G  bit/sec  and  a  price 
of  $120  to  eight-port  Gigabit  Ethernet  boxes  with 
switching  capacity  of  16G  bit/sec  for  $450. 

Managed  Fast  Ethernet  PowerConnect  3000  series 
workgroup  and  departmental  switches 

Featuring  boxes  that  have  24  to  48  Fast  Ethernet  ports  and  two 
Gigabit  Ethernet  ports,  switching  capacity  up  to 
13.6G  bit/sec,  remote  monitoring  andtraffic 
prioritization,  and  that  start  at  $600. 

Managed  Gigabit  Ethernet  PowerConnect  5000  series 
departmental  and  backbone  switches 

Providing  10  to  24  ports  with  switching  capacity 
of  24G  bit/sec  to  48G  bit/sec,  and  starts  at  $1,200. 

TrueMobile  Wireless  LAN  products 

Including  routers,  access  points  and  adapter  cards. 
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it  rolled  out  the  PowerConnect 
3248  and  the  PowerConnect 
5224,  both  of  which  also  offer 
Layer  3  awareness.  Dell  says  those 
are  its  first  switches  to  include 
enterprise-class  features  such  as 
multilayer  quality  of  service  and 
advanced  management. 

The  company  also  is  trying  to 
help  drive  the  market  for  high¬ 
speed  switches  by  building 
10/100/1000M  bit/sec  adapters 
into  its  business  PCs  and  servers. 

Analysts  doubt  Dell  success 

And  while  analysts  say  they 
doubt  Dell  will  have  much  luck 
or  even  try  competing  at  the 
higher  end  of  the  switching  mar¬ 
ket,  Ulrich  Hansen,  senior  man¬ 
ager  of  networking  at  Dell,  says 
the  PowerConnect  switches  are 
only  a  “first  step.”  He  says  Dell  will 
look  at  offering  Layer  3  switches 
and  modular,  or  chassis-based, 
switches  down  the  road. 

Analysts  say  they  wouldn’t  be 
surprised  to  see  Dell  move  fur¬ 
ther  into  wireless  LANs  (it 
already  offers  some  products 
under  its  TrueMobile  name)  and 
even  consider  firewalls. 

“The  networking  market  pro¬ 
vides  a  lot  of  opportunities  to 
deliver  great  products,  and  we’re 
taking  it  one  step  at  a  time,” 
Hansen  says.“But  we  will  expand 
our  offerings  here.” 

Dell  is  looking  at  a  number  of 
avenues  to  expand  in  light  of  a 
PC  market  that  has  gone  from 
bad  to  worse  (IDC  estimates 
the  market  will  grow  just  1.1% 
this  year,  compared  with  an  ear¬ 
lier  outlook  of  4.7%  growth). 


And  while  Dell  was  the  lone  PC 
vendor  among  the  market  lead¬ 
ers  to  increase  U.S.  shipments 
this  year  —  increasing  by  more 
than  19%  in  the  second  quarter 
—  it  recognizes  that  PC  rev¬ 
enues  won’t  be  enough  to  keep 
the  company  successful,  ana¬ 
lysts  say. 

Dell  has  diversified  into  servers 
and  storage  and  recently  an¬ 
nounced  its  intent  to  enter  the 
printer  market.  Analysts  say  the 
switching  market  is  a  natural 
extension  for  Dell,  which  can 
bundle  standard  switches  with  its 
server  and  computer  products. 

“Dell  doesn’t  bet  on  cutting- 
edge  technologies  to  pull  them 
through.  You’re  not  going  to  see 
Dell  sell  IP  telephony  products. 
They’re  going  to  sell  meat-and- 
potato  switches,”  says  Eric  Good¬ 
ness,  principal  analyst,  Network 
Management  Group,  at  Gartner. 
“They  look  at  technology  that’s 
begun  to  mature.” 

But  some  business  users  ques¬ 
tion  Dell’s  entrance  into  the 
market. 

Jim  Barry,  CIO  for  the  Boston 
Bank  of  Commerce,  has  been  a 
Dell  customer  for  about  three 
years.  He  uses  Dell  servers  and 
storage  arrays,  but  says  he  won¬ 
ders  why  the  company  would 
move  into  the  switching  market. 

“Dell  provides  fantastic  equip¬ 
ment  at  a  good  price,  but  I  don’t 
see  enterprise  networking  as  a 
defined  core  competency^  he 
says.“I  don’t  see  why  they  want  to 
be  an  also-ran  in  a  market  that’s 
saturated.” 

Barry  says  Dell  would  do  bet¬ 


ter  maintaining  its  reseller  rela¬ 
tionships  with  established  net¬ 
work  vendors  such  as  3Com 
and  Cisco.  For  its  part.  Dell  says 
the  end  of  those  relationships 
will  have  little  effect  on  its  busi¬ 
ness. 

“While  we  have 
been  offering  our 
customers  3Com 
and  Cisco  prod¬ 
ucts,  now  that  we 
have  products  in 
the  same  categories,  we 
would,  of  course,  prefer  to  sell 
our  own  products,  and  we’ve 
been  doing  that  over  the  last 
year,”  Hansen  says.“So  the  impact 
on  our  business  by  losing  that 
preferred  status  as  a  reseller,  it’s 
not  material.” 

While  analysts  say 
Dell  still  falls  into 
the  dreaded  “other” 
category  on  their  market 
share  charts  for  switches,  they 
agree  Dell  is  making  progress. 

“I  don’t  think  this  will  go  very 
far  with  large  enterprises,”  says 
David  Willis,  vice  president  of 
global  networking  strategies  at 
Meta  Group.“But  for  a  small-  and 
medium-size  business  customer 
who’s  buying  a  few  servers  from 
Dell,  why  not  buy  a  few  switch¬ 
es,  as  well.” 

That  was  the  thinking  for  David 
Bobzien,  regional  technology 
manager  at  commercial  real 
estate  firm  Colliers  International 
in  Seattle. 

Bobzien  says  he  was  somewhat 
hesitant  about  using  Dell  switch¬ 
es  initially  because  they  were  so 
new  to  the  market,  but  decided 
to  take  the  gamble  after  having 
problems  with  switches  from  a 
larger  vendor. 

“We’re  an  environment  where 
all  of  our  desktops  and  note¬ 
books  and  servers  are  Dell,  and 
the  support  that  I’ve  received 
from  Dell  has  always  been  supe¬ 
rior  over  any  other  manufacturer 
I’ve  dealt  with. So  I  thought  this  is 
a  great  chance,  let’s  see  if  they 
can  deliver  service  like  they  do 
with  computer  products,"  Bob¬ 
zien  says. 

He  says  he  hasn’t  been  disap¬ 
pointed  and  is  getting  better  sup¬ 
port  than  he  was  with  the  larger 
vendor  at  about  half  the  price. 
Plus,  with  desktops,  notebooks, 
servers  and  switches  all  from 
Dell,  he  has  just  one  place  to  call 
when  there’s  trouble,  he  says. 
That’s  the  type  of  customer  Dell 
is  looking  for  as  it  expands  its 
products  with  additional  net¬ 
work  gear  W- 

6ei  men  iflfsnwiiK)  ediae. 
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Mark  Gibbs 


What  the  gov. 


Great  fleas  have  little  fleas 
Upon  their  backs  to  bite  ’em. 
And  little  fleas  have  lesser  fleas 
And  so  ad  infinitum. 

—  AUGUSTUS  DE  MORGAN 


OK,  now  my  cold  is  gone  and  my  gloom  has  lifted 
and  the  world  once  again  seems  a  happy  and  posi¬ 
tive  place.  On  the  other  hand,  President  Bush’s  Criti¬ 
cal  Infrastructure  Protection  Board  draft  report  titled 
“The  National  Strategy  to  Secure  Cyberspace”  that  I 
discussed  last  week  still  looks  as  useless  as  ever. 

Having  read  further  into  it  I  feel  like  I  shouldn’t 
have  wasted  my  time:  Deep  down  inside,  the  “strat¬ 
egy”  is  just  as  shallow  as  it  appeared  to  be. 

As  1  suggested  last  week,  the  problem  is  that  the 
whole  thing  has  no  teeth. The  report  manages  to 
state  the  obvious  with  mind-numbing  prose  that  out¬ 
lines  the  problems  as  seen  from  50,000  feet  but  fails 
to  tell  us  what  happens  when  we  hit  the  ground. 

So  here’s  my  suggestion:  First,  the  government 
should  set  standards  for  security  that  it  will  adhere 
to  across  all  branches.This  has  not  been  an  area  of 
competence.The  list  of  hacked  government  Web 
sites  and  intrusions  at  federal  and  state  online  prop¬ 
erties  make  it  clear  that  the  government’s  house  is 
anything  but  in  order. 


should  have  done  about  security 


So  Earth  to  CIPB:  Get  the  government  sorted  out! 
Develop  a  strategy  that  makes  the  federal  govern¬ 
ment  a  model  of  how  to  conduct  business  securely 
and  effectively  in  an  online  culture. 

The  strategy  should  be  based  on  the  technology  to 
be  used  and  best  practices.The  latter  must  be  archi¬ 
tected  so  that  the  best  practices  apply  to  managing 
an  evolving  technology  base  and  dealing  with  inter¬ 
actions  between  people  using  the  technology. 

Underpinning  the  whole  plan  must  be  a  system  of 
audits  that  test  and  validate.Then  we  have  assurance 
that  you,  our  elected  representatives,  are  doing  what 
you  said  you  would  do  with  our  money  and  that 
there  is  a  positive  result. 

OK.That’s  the  first  part.  Now  let’s  turn  that  into 
teeth.  If  you  want  to  do  business  with  the  govern¬ 
ment,  you  must  adhere  to  the  same  principles.  I  bet 
that  any  government  supplier,  when  faced  with  such 
a  requirement,  will  bite  the  security  bullet, so  to 
speak,  and  clean  up  his  act. 

To  make  this  really  effective,  if  you,  the  private  con¬ 
tractor,  can  deal  with  the  government  because  you 
meet  the  requirements,  then  it  is  mandatory  that 
whoever  deals  with  you  abides  by  and  maintains  the 
same  standards. 

If  they  don’t  meet  those  standards,  then  you,  the 
private  contractor  that  does  meet  the  standards,  will 
be  considered  unsecure  and  you  can  no  longer 


work  with  the  government.  And  audits  will  check 
you  and  your  downstream  business  partners. 

Now  when  it  comes  to  consumers,  the  standards 
must  be  simpler  but  still  effective. This  will  mean  that 
if  you,  Joe  Blow,  want  to  do  online  banking  you  must 
meet  certain  standards  for  the  bank  to  work  with 
you.  Nothing  onerous,  just  basic  security 

To  make  this  work,  the  government  will  have  to 
provide  tax  and  other  financial  incentives  for  busi¬ 
nesses  to  enable  their  consumers  to  be  secure, 
because  it  is  unreasonable  to  expect  consumers  to 
do  that  which  has  no  obvious  pay  off. 

We’re  simply  trying  to  make  security  trickle  down 
and  using  an  economic  stick  to  make  it  happen.  And 
it  is  important  that  this  strategy  doesn't  attempt  to 
regulate  the  Internet. 

We  don’t  need  Internet  police  and  information 
superhighway  driving  licenses  —  such  things  would 
only  to  dampen  Internet  commerce  and  erode  our 
constitutional  rights  even  more  than  they  have  been. 

The  strategy  must  create  secured  relationships 
such  that,  when  we  need  assurance  that  people  are 
who  they  claim  to  be,  we  can  get  that  assurance. 
Perhaps  building  a  network  of  trust  in  our  society  is 
the  most  strategic  view  we  could  take. 

So  there  we  are,  problem  solved. 

Simple  questions  to  backspin@gibbs.com. 


uzz  News,  insights,  opinions  and  oddities 


By  Paul  McNamara 

Getting  a  grip  on  grids 

United  Devices  CEO  Ed  Hubbard  gets  his  back  up 
a  bit  at  the  suggestion  that  the  grid  computing  mar¬ 
ket  has  yet  to  lose  the  training  wheels. 

"I  would  disagree  with  you,”  Hubbard  says.  “We’ve 
got  two  of  the  largest  drug  companies  in  the  world 
[GlaxoSmithKline  and  Novartis]  deploying  today.  I 
don’t  know  when  a  market  happens,  but  that  sounds 
like  one  of  the  leading  indicators.” 

An  encouraging  sign,  perhaps,  and  certainly  validation  of  the  technology’s  prac¬ 
ticality,  but  a  handful  of  high-profile  customers  does  not  lay  to  rest  the  question 
of  whether  grid  computing  eventually  will  become  ubiquitous. 

Even  an  evangelist  such  as  Hubbard  acknowledges  the  business  climate  is  un¬ 
friendly  today  toward  anything  that  hasn’t  been  around  the  block  a  few  times. 

"It’s  a  very  risk-averse  environment  right  now,"  he  says.  "The  last  thing  you  want 
to  do  is  screw  up  something  royally  in  an  environment  like  this." 

Hubbard  makes  a  compelling  case  —  on  paper  —  that  going  with  his  company 
is  anything  but  screwing  up.  One  slide  in  his  presentation  contends  that  a  160- 
node  United  Devices-enabled  grid  that  would  cost  $40,000  can  provide  the  same 
computing  punch  as  a  high-end  IBM  machine  that  goes  for  $2  million. 

So  why  would  anyone  write  that  big  check  to  Big  Blue? 

"That’s  the  safe  choice,"  Hubbard  says.  "[A  grid]  is  the  hero's  choice,  and  in  a 
risk-averse  environment  there  are  a  lot  less  heroes  than  there  used  to  be." 

United  Devices  is  certainly  trying  to  make  it  easier  for  heroes  to  step  up. 

While  its  MetaProcessor  Platform  that  lets  customers  create  their  own  in- 
house  grids  remains  the  company’s  bread  and  butter,  United  Devices  plans  to 
launch  a  service  this  quarter  that  will  let  customers  tap  into  a  7,000-node  grid 


that  was  built  by  an  as-yet-unnamed  Fortune  500  company  partner. 

This  "partner  grid"  is  intended  to  attract  customers  who  might  need  access  to 
this  type  of  supercharged  computing  power  from  time  to  time,  but  lack  the 
wherewithal  to  deploy  their  own  grid  in-house.  It's  also  designed  to  allay  the  secu¬ 
rity  concerns  Hubbard  says  have  been  an  insurmountable  obstacle  for  public 
computing  grids,  including  the  1.7  million-device  grid  that  United  Devices  oper¬ 
ates  primarily  for  demonstration  projects  and  the  occasional  commercial  job. 

The  partner  plan  sounds  promising. 

Training  wheels  do  come  off. 

Rudy  to  the  rescue . . .  again. 

The  man's  resume  begins  in  law  enforcement  and  ends  in  politics,  while  he's 
best  known  for  having  been  the  resolute  public  face  of  New  York  after  Sept.  11. 

So  it  might  come  as  a  bit  of  a  surprise  that  Rudy  Guiliani  has  hit  the  top  of  the 
charts  as  a  keynote  speaker  at  technology-related  events. 

Novell  will  become  the  latest  to  attempt  to  cash  in  on  Guiliani's  cachet  when  it 
hosts  a  Web-based  conference  Oct.  16  to  plug  its  new  Nsure  identity-manage¬ 
ment  initiative. 

“His  speech,  'Leadership  in  Difficult  Times,'  will  be  an  insightful  look  into  the 
qualities  that  inspire  confidence  and  success,"  an  e-mail  from  Novell  promises. 
“These  same  qualities  are  at  the  heart  of  Novell  Nsure." 

Some  marketer  must  have  pulled  a  muscle  making  that  stretch. 

The  strategy  is  an  old  one,  of  course.  Get  the  customer’s  attention  with  a 
celebrity  speaker  and  then  slip  in  the  sales  pitch  while  the  starlight  is  twinkling. 

But  are  IT  buyers  really  that  easily  awed?  Seems  unlikely. 

Of  course,  using  Guiliani  has  got  to  be  a  better  bet  than  whatever  Novell's  been 
doing  these  past  few  years. 

Make  a  speech  of  your  own.  The  address  is  buzz@nww.corn. 


Wireless  802.11b,  11Mbps 


rough  the  air 


with  the  greatest  of  ease 

...and  security 
...and  reliability 
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^ou  want  to  extend  your  existing  Ethernet  network  or  set  up  a  new  network  and  want 
assurance  of  security,  easy  installation,  and  reliable  performance,  look  to  NETGEAR® 
for  wireless  solutions.  They  make  it  possible  to  connect  to  an  office  network  or  to  the  Internet 
at  home  or  on  the  road,  providing  a  breath  of  fresh  air  over  restrictive  hardware  solutions. 


Consider  our  award-winning,  802.1 1  b  cable/DSL  ProSafe  Firewall  (FM1 1 4P)  if  you're 
looking  for  the  utmost  in  business-class  security  in  a  multi-functioning  package.  This  super 
performer  packs  a  router,  4-port  10/100  Mbps  switch,  print  server,  Wi-Fi  certified 
access  point  and  SPI  (Stateful  Packet  Inspection)  firewall  in  one  mega-capable  unit  -  a 
great  investment. 


Or  you  might  want  to  try  NETGEAR's  award  winning,  standalone  access  point  (ME102), 
which  provides  continuous,  wireless  connectivity  to  your  Ethernet  network.  And  with 
NETGEAR's  wireless  PCI  PC  Adapter  (MA311)  for  desktop  PCs,  you  can  easily  and 
affordably  share  your  Internet  connection  among  multiple  PCs  anywhere  if?  and  around 
your  home  or  office  -  a  boost  to  your  productivity.  Add  a  wireless  PC  card  (MA401  j  to 
your  laptop  and  enjoy  the  convenience  of  being  mobile. 


Take  advantage  of  wireless  networking  that  conforms  to  industry  standards  and  is  backed 
by  24x7  toll-free  support.  NETGEAR's  Wi-Fi  based  2.4  GHz  802.11b  solutions  moke  r 
possible,  securely,  easily,  and  reliably.  To  learn  more,  visit  wwv/.netgeor  com 
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RUNS  YOUR  BUSINESS. 

ANDItSELEB^H 


(©server 


A  winning  team:  High  tech  and  low  stress.  Introducing  the  IBM  (©server  iSeries" 890. 32-way  processor,  twice 
the  memory  and  I/O’. That’s  mainframe  power.  Dynamic  logical  partitioning,  self-optimizing  disk  management  and 
single-network  sign-on.  That’s  low-stress  simplicity.  So,  like  the  entire  iSeries  line,  the  i890  couples  high 
performance  with  ease.  For  a  paper  on  how  i890  can  deliver  mainframe  power  and  simplicity  to  your  business,  go  to 
ibm.com/eserver/i890.  Raise  your  standards.  Not  your  blood  pressure. 


(S/wstess 


As  compared  to  the  IBM  e Server  iSeries  840  IBM  the  e-busmess  logo.  eServer.  iSeries  and  e-business  is  the  game  Play  to  win  are  trademarks  or  registered  trademarks  at  International  Business  Machines  Corporation  «i  the 
dn.ied  Stales  andor  othei  countries  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  ol  others.  &  2002  IBM  Corporation.  All  rights  reserved 


